Europol coordinates global action against criminal abuse of Cobalt Strike


Law enforcement has teamed up with the private sector to fight against the abuse of a legitimate security tool by criminals who were using it to infiltrate victims’ IT systems.

Older, unlicensed versions of the Cobalt Strike red teaming tool were targeted during a week of action coordinated from Europol’s headquarters between 24 and 28 June. Throughout the week, law enforcement flagged known IP addresses associated with criminal activity, along with a range of domain names used by criminal groups, for online service providers to disable unlicensed versions of the tool.

Read more…
Source: Europol


Sign up for our Newsletter


Related:

  • Pakistan tests secret China-like ‘firewall’ to tighten online surveillance

    November 26, 2024

    Pakistan’s government has deployed Chinese technology to build what some senior officials familiar with the project are calling a new, national internet “firewall” that will allow authorities to monitor online traffic and regulate the use of popular apps with greater control than before. The project aims to upgrade the government’s web monitoring capabilities at the country’s ...

  • INTERPOL: Major cybercrime operation nets 1,006 suspects

    November 26, 2024

    LYON, France – Authorities across 19 African countries have arrested 1,006 suspects and dismantled 134,089 malicious infrastructures and networks thanks to a joint operation by INTERPOL and AFRIPOL against cybercrime. Operation Serengeti (2 September – 31 October) targeted criminals behind ransomware, business email compromise (BEC), digital extortion and online scams – all identified as prominent threats ...

  • Internet, mobile services disrupted in major cities, including Karachi, Islamabad

    November 24, 2024

    Communication services across Pakistan are hit by significant disruptions as the Pakistan Tehreek-e-Insaf (PTI) gears up for its much-anticipated “do-or-die” protest in Islamabad. Major cities like Karachi, Islamabad, and Rawalpindi have reported interruptions in mobile internet and other services, causing inconvenience for residents and businesses alike. These outages are part of the government’s intensified security measures ...

  • UK: Prison layouts reportedly leaked on dark web

    November 23, 2024

    The Ministry of Justice has said it is aware of a data breach affecting prisons in England and Wales. Confidential prison layouts had been leaked onto the dark web in the past two weeks, according to The Times. A former prison governor told the paper organised crime groups could potentially use the information to smuggle drugs ...

  • US charges five in ‘Scattered Spider’ hacking scheme

    November 20, 2024

    U.S. prosecutors unveiled criminal charges on Wednesday against five alleged members of Scattered Spider, a loose-knit community of hackers suspected of breaking into dozens of U.S. companies to steal confidential information and cryptocurrency. Martin Estrada, the U.S. Attorney in Los Angeles, said the defendants conducted phishing attacks by sending bogus but real-looking mass text messages to ...

  • FBI: Easy Access to Information for Conducting Fraudulent Emergency Data Requests Impacts US-Based Companies and Law Enforcement Agencies

    November 4, 2024

    The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight a trend of compromised US and foreign government email addresses used to conduct fraudulent emergency data requests to US-based companies, exposing personally identifying information (PII). While the concept of fraudulent emergency data requests was previously used by other threat actors, such as ...