Europol coordinates global action against criminal abuse of Cobalt Strike


Law enforcement has teamed up with the private sector to fight against the abuse of a legitimate security tool by criminals who were using it to infiltrate victims’ IT systems.

Older, unlicensed versions of the Cobalt Strike red teaming tool were targeted during a week of action coordinated from Europol’s headquarters between 24 and 28 June. Throughout the week, law enforcement flagged known IP addresses associated with criminal activity, along with a range of domain names used by criminal groups, for online service providers to disable unlicensed versions of the tool.

Read more…
Source: Europol


Sign up for our Newsletter


Related:

  • Northern Ireland: Disabled former police officers to receive damages for alleged data breach

    May 30, 2024

    Disabled former policemen and women in Northern Ireland are to receive undisclosed damages for an alleged data breach, their lawyer revealed today. Financial settlements were reached in legal action against the Charity Commission for Northern Ireland. Proceedings related to an investigation by the Commission into the workings of the Disabled Police Officers’ Association back in 2014. ...

  • Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?

    May 29, 2024

    Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again. However, questions have been raised over whether it is a genuine attempt to revive the forums once again or set up ...

  • Guidance on the 911 S5 Residential Proxy Service

    May 29, 2024

    The Federal Bureau of Investigation (FBI), Defense Criminal Investigative Services (DCIS), and Department of Commerce (DOC) are publishing this announcement to notify the public of the dismantlement of the 911 S5 residential proxy service and to help individuals and businesses better understand and guard against 911 S5 proxy service and botnet. 911 S5 began operating in ...

  • 23-year-old man accused of running $100 million online narcotics marketplace

    May 21, 2024

    Federal authorities have arrested a 23-year-old Taiwanese national and charged him with running an online market that sold $100 million worth of illicit narcotics, including fentanyl, cocaine, methamphetamine, heroin, LSD, and ketamine. The authorities said that for almost four years, Rui-Siang Lin operated and owned the Incognito Market, an online marketplace on the dark web that ...

  • Why and how TikTok was banned in New Caledonia

    May 16, 2024

    Speaking in Paris on the evening of Wednesday, May 15, French Prime Minister Gabriel Attal announced that the high commissioner for the French Pacific territory of New Caledonia had “banned TikTok” across the entire archipelago, in addition to a series of measures aimed at restoring order, including deploying military personnel to protect strategic sites. For the ...

  • Notorious data leak site BreachForums seized by law enforcement

    May 15, 2024

    BreachForums—probably the largest dark web marketplace for stolen data to be leaked and sold—has been seized by law enforcement.Now, both the regular and the TOR domain of BreachForums are plastered with a message telling visitors the site is now under control of the FBI. Raidforums ran from early 2015 until February 2022. The first iteration of ...