Cobalt Strike, a penetration testing tool, has been exploited in cyber-attacks, prompting Fortra, Microsoft, and Health-ISAC to launch a coordinated initiative to hinder its malicious use. This campaign, initiated in 2023, involved various legal and technical strategies that successfully reduced the number of compromised software versions by 80% and disrupted over 200 malicious domains. In July 2024, during Operation MORPHEUS, they flagged 690 IP addresses associated with criminal activities, leading to the takedown of 593 across 27 countries and notably helping protect critical sectors like healthcare.
Malicious use of penetration testing tool Cobalt Strike and other legitimate tools has been significantly curtailed after an "aggressive campaign" by its developer Fortra and Microsoft.
The abuse of Fortra and Microsoft's software tools laid the groundwork for this collaboration, which, with the assistance of our other public and private partners, has allowed for the disruption of criminal operations.
Cobalt Strike has been used to devastating effect in a wide range of threat campaigns.
Fortra was part of Operation MORPHEUS, a coordinated global effort to take down IP addresses and domain names associated with illegal activity.