Microsoft, Fortra & Health-ISAC Team Up to Remove Illicit Cobalt Strike Tools
The effort aims to disrupt the use of altered Cobalt Strike software by cybercriminals in ransomware and other attacks.
April 7, 2023
Microsoft's Digital Crimes Unit (DCU), security software vendor Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) have joined forces to remove cracked legacy copies of Cobalt Strike by way of legal and technical action.
Using dated and maliciously altered versions of the Cobalt Strike software, threat actors have targeted healthcare organizations in nearly 70 ransomware attacks in 19 countries.
Cobalt Strike, sold by Fortra, is a reputable and popular post-exploitation security tool, but its older versions have become a favorite for cybercriminals to employ in nefarious activities. Pulling these legacy copies globally is a new approach for Microsoft's DCU, and it's aimed at cutting off the threat at the source: illegal distribution of compromised, malicious software.
"While this action will impact the criminals' immediate operations, we fully anticipate they will attempt to revive their efforts. Our action is therefore not one and done," Microsoft stated in a blog post. "Through ongoing legal and technical action, Microsoft, Fortra and Health-ISAC, along with our partners, will continue to monitor and take action to disrupt further criminal operations, including the use of cracked copies of Cobalt Strike."