Europol coordinates global action against criminal abuse of Cobalt Strike


Law enforcement has teamed up with the private sector to fight against the abuse of a legitimate security tool by criminals who were using it to infiltrate victims’ IT systems.

Older, unlicensed versions of the Cobalt Strike red teaming tool were targeted during a week of action coordinated from Europol’s headquarters between 24 and 28 June. Throughout the week, law enforcement flagged known IP addresses associated with criminal activity, along with a range of domain names used by criminal groups, for online service providers to disable unlicensed versions of the tool.

Read more…
Source: Europol


Sign up for our Newsletter


Related:

  • Spyware firm SpyFone leaves customer data, recordings exposed online

    August 24, 2018

    Spyware is morally dubious software, and yet, business is booming. This particular form of malware comes in various forms including keyloggers, modular software capable of taking screenshots, malicious code able to view and steal content such as photos and videos, as well as recorders of text messages, phone calls, and browser histories. It is not just government entities or ...

  • EU considers 60-minute deadline for social networks to remove terrorist content

    August 20, 2018

    No longer the carrot, now the stick: the European Commission is considering imposing an hour-long deadline for social networks to remove terrorist and extremist content after voluntary measures appear to have failed. As reported by the Financial Times on Sunday, Facebook, Twitter, and YouTube, as well as smaller businesses, are all within the EU’s sights. This is the first ...

  • FBI Warns Of ATM Hacking Campaign

    August 16, 2018

    The FBI has warned banks that cybercriminals are preparing to carry out a “highly choreographed, global fraud scheme known as an ‘ATM cash-out’.” The threat, reported by Krebs On Security cybersecurity blog, will apparently see criminals hacking a bank or payment card processor, and using cloned cards at ATMs around the world to fraudulently withdraw “millions of ...

  • Australia plans law for tech firms to hand over encrypted private data

    August 14, 2018

    Australia on Tuesday proposed a new law requiring technology firms such as Alphabet Inc’s Google, Facebook and Apple to give police access to private encrypted data linked to suspected illegal activities. The measure, which targets platforms the Australian government says could be used for criminal activities or to plan a terror attack, would require police to ...

  • FBI struggles to retain top cyber talent

    August 3, 2018

    The recent departures of four top FBI cyber officials reflect a troubling trend: The bureau is losing its most seasoned agents and supervisors tasked with disrupting digital threats from Russia and elsewhere, even as threats to the nation’s power grid and elections grow. Close to 20 top FBI cybersecurity leaders have left for high-paying corporate jobs over the ...

  • DOJ Nab Three FIN7 Cybercrime Suspects in Europe

    August 1, 2018

    Three people believed to be member of the FIN7 (or Carbanak) hacking group have been arrested in Europe, according to the US DOJ. Three suspected members of the FIN7 cybercrime group have been arrested in Europe and accused of hacking more than 120 U.S.-based companies with the intent of stealing bank cards. In total, U.S. Department of ...