
Cobalt Strike takedown should make Sliver more popular

The British National Crime Agency (NCA) coordinated a global action against “cracked” (pirated) versions of Cobalt Strike, a widely used penetration testing and adversary simulation suite sold by Fortra but frequently pirated and abused by criminals.

The NCA said: “Action has been taken against 690 individual cases of the Cobalt Strike malware across 129 internet service providers in 27 countries…” As of 28 June, 593 cases had been remediated.

Cobalt Strike is an advanced and sophisticated toolkit that is “specifically designed to create feature-rich backdoors in seconds”. Over the years it has steadily improved its ability to disguise its command-and-control traffic on target networks, including through integrations with third-party tooling such as C3.

See also: National Crime Agency destroys LockBit infrastructure and steals 1,000 decryption keys

The move by the law enforcement authorities is to be welcomed, but it is likely to accelerate a growing shift among threat actors away from Cobalt Strike and towards open source alternatives such as Bishop Fox‘s GPL-3.0 licensed “Sliver“ (which has also been widely forked on GitHub…)

Brute Ratel, a commercial alternative, has also been cracked and is distributed among script kiddies as well as more serious threat actors. It was first observed in the wild in serious campaigns attributed to a Russian APT in 2022.

However, the move by the NCA and its partners will reinforce the sense among threat actors that their activities are being monitored by many well-resourced observers, and that nation states are increasingly willing to take aggressive action to disable infrastructure that hosts or supports cybercriminal activity.

In related news, security company CrowdStrike noted in 2022 that malware use has dropped dramatically because employee credentials are so easy to obtain: there is no need to launch a sophisticated intrusion campaign when you can simply log in with valid credentials and then move laterally using native Windows or Linux commands and tools.

See also: BitLocker was used in server attacks where “intrusion attempts were made with almost no malware”