CosmicBeetle attacks European organizations
The hacker group CosmicBeetle attacks organizations worldwide, especially European ones. The group uses the Spacecolon toolset to spread ransomware among its victims and extort ransoms. The attackers exploit the zero-logon vulnerability in web servers for their attacks. Alternatively, hackers resort to classic brute force attacks on RDP credentials to break into organizations. Spacecolon has been active since at least May 2020 to date. CosmicBeetle also operates globally The specialists at ESET were able to track CosmicBeetle and its tools worldwide. Countries in the European Union such as Spain, France, Belgium, etc. are particularly affected.