Microsoft and Fortra crack down on malicious Cobalt Strike servers

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,260
Microsoft, Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) have announced a broad legal crackdown against servers hosting cracked copies of Cobalt Strike, one of the primary hacking tools used by cybercriminals.

"We will need to be persistent as we work to take down the cracked, legacy copies of Cobalt Strike hosted around the world," said Amy Hogan-Burney, the head of Microsoft's Digital Crimes Unit (DCU).

"This is an important action by Fortra to protect the legitimate use of its security tools. Microsoft is similarly committed to the legitimate use of its products and services."

Last Friday, March 31, the U.S. District Court for the Eastern District of New York issued a court order allowing the coalition to seize the domain names and take down the IP addresses of servers hosting cracked versions of Cobalt Strike.

This will happen with the help of relevant computer emergency readiness teams (CERTs) and internet service providers (ISPs), with the end goal of taking the malicious infrastructure offline.

Takedowns linked to this action have already started earlier this week, on Tuesday, and the court order also allows Microsoft and Fortra to disrupt new infrastructure that the threat actors will use in future attacks.

"Disrupting cracked legacy copies of Cobalt Strike will significantly hinder the monetization of these illegal copies and slow their use in cyberattacks, forcing criminals to re-evaluate and change their tactics," Hogan-Burney said.

"Today's action also includes copyright claims against the malicious use of Microsoft and Fortra's software code which are altered and abused for harm."
 
  • Applause
Reactions: vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top