IMDEA Networks has successfully completed its participation in the COMET project, an initiative funded by the Spanish Ministry of Science, Innovation and Universities and the European Union through NextGenerationEU/PRTR funds. This project, led at our institute by researcher Guillermo Suárez-Tangil, has made significant advances in the study of malicious software, online fraud, and the spread of disinformation on social media.

One of the highlighted studies of the COMET project, in collaboration with University College London, has analyzed in depth the scam known as “Hi, mom and dad”, which operates through SMS. “We interacted with alleged scammers posing as potential victims. Through 711 interactions, we identified 582 mule accounts used by the scammers, who attempted to obtain more than £577,000 in three months,” explains Suarez-Tangil. This work, published in USENIX Security 2025, demonstrates how cybercriminals exploit mobile operator services and financial institutions to commit fraud.

Within the framework of the project, the IOC Stalker tool has been developed, designed to extract intelligence on Indicators of Compromise (IoCs) from clandestine markets. “We have analyzed a high-profile hacking forum that allows us to detect IoCs approximately 490 days before they appear in open source intelligence (OSINT) sources, used by popular antiviruses,” highlights Suarez-Tangil.

The research team has also identified code reuse patterns in fraudulent attacks. “We collected a large amount of malicious code from clandestine forums, attachments, and GitHub repositories. We found three repositories with spam programs for Instagram that share large portions of code, as well as seven samples of ransomware (a type of malware) on GitHub, including a ransomware collection repository,” notes Suarez-Tangil.

The findings of the COMET project have also allowed the study of information spread on social media and the formation of echo chambers. In a case study, they analyzed three recent and highly controversial political topics, mainly in the United States, along with a non-controversial topic: the war between Russia and Ukraine, abortion, gun control, and the SXSW music festival. It was observed that “there is a greater echo chamber effect among Republicans compared to Democrats and broad explicit support for Ukraine, especially among Democrats,” explains Suarez-Tangil.

Furthermore, it was found that less polarization is correlated with a smaller echo chamber effect, as in the case of the conflict between Russia and Ukraine.

The methods developed in the COMET project lay the foundation for future research on emerging threats. “We want to apply these methodologies to the study of the Metaverse and new trends in online fraud,” concludes Suarez-Tangil.

The COMET project has reinforced knowledge about digital threats and their diffusion mechanisms, providing key tools and methodologies for online security and the regulation of digital platforms.