Europol disrupts about 600 abusive Cobalt Strike servers
- by nlqip
Since September 2021, Europol’s European Cybercrime Centre (EC3) assisted the operation with analytical and forensic support and enabled information exchange among all partners. Additionally, law enforcement operated a “malware information sharing platform,” inviting private partners to add real-time threat intelligence to the effort.
“Over the span of the whole investigation, over 730 pieces of threat intelligence were shared containing almost 1.2 million indicators of compromise,” Europol added. “The disruption does not end here. Law enforcement will continue to monitor and carry out similar actions as long as criminals keep abusing older versions of the tool.”
Frequently abused pen-tester
The commercial pen-testing tool, originally designed for red teaming and adversary simulations, has been abused by cybercriminals from time to time to carry out attacks or package a challenging malware. The biggest of its abuses was the SolarWinds supply chain attack reported in December 2020, where attackers dropped customized Cobalt Strike Beacon through legitimate Orion platform updates.
Source link
lol
Since September 2021, Europol’s European Cybercrime Centre (EC3) assisted the operation with analytical and forensic support and enabled information exchange among all partners. Additionally, law enforcement operated a “malware information sharing platform,” inviting private partners to add real-time threat intelligence to the effort. “Over the span of the whole investigation, over 730 pieces of threat…
Recent Posts
- Hackers abuse Avast anti-rootkit driver to disable defenses
- Microsoft testing Windows 11 support for third-party passkeys
- Windows 11 24H2 update blocked on PCs with Assassin’s Creed, Star Wars Outlaws
- Windows 10 KB5046714 update fixes bug preventing app uninstalls
- Eight Key Takeaways From Kyndryl’s First Investor Day