Europol coordinates global action against criminal abuse of Cobalt Strike


Law enforcement has teamed up with the private sector to fight against the abuse of a legitimate security tool by criminals who were using it to infiltrate victims’ IT systems.

Older, unlicensed versions of the Cobalt Strike red teaming tool were targeted during a week of action coordinated from Europol’s headquarters between 24 and 28 June. Throughout the week, law enforcement flagged known IP addresses associated with criminal activity, along with a range of domain names used by criminal groups, for online service providers to disable unlicensed versions of the tool.

Read more…
Source: Europol


Sign up for our Newsletter


Related:

  • London police software quarantines thousands of cybercrime reports

    October 25, 2019

    Over 9,000 cybercrime reports filed by UK citizens have sat inside a police database without being investigated after security software mistakenly identified them as containing malicious code and placed them in quarantine. All the quarantined reports came from Action Fraud, an official UK police website where victims can report fraud and cybercrime. According to an audit published this week ...

  • US, UK, and Australia jointly request for Facebook to stop end-to-end encryption plans

    October 4, 2019

    The United States, the United Kingdom, and Australia have joined to request that Facebook delay its plans to implement end-to-end encryption across its messaging services. First reported by BuzzFeed News, the governments on Thursday jointly published an open letter to Facebook CEO Mark Zuckerberg, asking for the company to ensure that encryption does not impede government officials ...

  • Dutch police take down hornets’ nest of DDoS botnets

    October 2, 2019

    Dutch police have taken down this week a bulletproof hosting provider that has sheltered tens of IoT botnets that have been responsible for hundreds of thousands of DDoS attacks around the world, ZDNet has learned. Servers were seized, and two men were arrested yesterday at the offices of KV Solutions BV (KV hereinafter), a so-called bulletproof hosting provider, ...

  • Feds Indict 281 People for Involvement in Massive Email Fraud Scheme

    September 11, 2019

    Federal authorities have arrested 281 people and seized nearly $3.7 million in a coordinated effort between multiple agencies to disrupt a massive email-fraud scheme. Perpetrators of a global business email compromise (BEC) scheme were the target of a four-month investigation that began in May called Operation reWired, a coordinated effort by the U.S. Departments of Justice (DoJ), ...

  • Terrorism, espionage, and cyber: ASIO’s omne trium perfectum

    September 6, 2019

    “I had to remind myself the other day that when 9-11 took place, of course, there were no tweets, it’s interesting. It only seems like yesterday. There was no social media as we know it today,” Australia’s Director-General of Security Duncan Lewis said during an address to the Lowy Institute. Since then, a lot has changed ...

  • Poland pressured to say if it bought Israeli phone spyware

    September 4, 2019

    The Polish government is coming under pressure to clarify whether it has purchased sophisticated and potentially illegal phone surveillance technology that has been used to stifle dissent in other countries. Opposition lawmakers asked Prime Minister Mateusz Morawiecki whether the special services bought Pegasus, the spyware produced by NSO Group, an Israeli company. Morawiecki appeared to sidestep the ...