Codoso, also known as C0d0so0 or the Sunshop Group, is a notable threat actor in the cybersecurity landscape. Originally identified by FireEye as the Sunshop Group in 2013, this adversary group has been on security research radars since 2010 due to its numerous targeted attacks exploiting zero-day vulnerabilities. The group's modus operandi includes the use of sophisticated malware such as Derusbi, as does that of another prominent threat actor, Deep Panda.
Unit 42 recently discovered new malicious activity linked to Codoso while investigating unknown malware and attack campaigns through the AutoFocus threat intelligence platform. This discovery indicates that Codoso continues to be an active and significant threat in the cybersecurity world, constantly evolving and adapting its techniques to carry out its operations more effectively.
In a recent incident, Codoso was implicated in a watering hole attack against Forbes and other targets in November of the previous year. This attack was attributed to Codoso by iSIGHT Partners and Invincea, confirming the group's ongoing activities and highlighting its ability to target high-profile entities. These incidents underscore the importance of robust cybersecurity measures and constant vigilance against persistent threat actors such as Codoso.
Description last updated: 2023-11-29T02:02:39.112Z