Cyber Resilience

Campaign · all campaigns

CostaRictoC0004 unknown

aka CostaRicto

Last updated: 2026-07-03

0attributed CVEs
15ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[CostaRicto](https://attack.mitre.org/campaigns/C0004) was a suspected hacker-for-hire cyber espionage campaign that targeted multiple industries worldwide, with a large number being financial institutions. [CostaRicto](https://attack.mitre.org/campaigns/C0004) actors targeted organizations in Europe, the Americas, Asia, Australia, and Africa, with a large concentration in South Asia (especially India, Bangladesh, and Singapore), using custom malware, open source tools, and a complex network of proxies and SSH tunnels.(Citation: BlackBerry CostaRicto November 2020)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
CM-68 / 1553%
CM-78 / 1553%
SI-48 / 1553%
AC-37 / 1547%
CM-27 / 1547%
AC-46 / 1540%
SC-76 / 1540%
CA-75 / 1533%
SI-35 / 1533%
AC-64 / 1527%
CM-84 / 1527%
RA-54 / 1527%
AC-23 / 1520%
IA-23 / 1520%
SI-103 / 1520%

Co-occurring actors

None.

Similar actors