By Microsoft Security
Cybercriminals are constantly looking for novel ways to evade detection and cause harm. Outdated copies of common security tools have become one avenue. Microsoft, cybersecurity software company Fortra™ and the Health Information Sharing and Analysis Center (Health-ISAC) recently came together to combat this issue.
On March 31, 2023, the U.S. District Court for the Eastern District of New York issued a court order allowing Microsoft, Fortra, and Health-ISAC to disrupt the malicious infrastructure criminals use to facilitate their attacks. Cobalt Strike, which is provided by Fortra, is a legitimate and popular post-exploitation tool used for adversary simulation; however, threat actors will sometimes abuse and alter older versions of the software. These illegal copies are referred to as “cracked” and have been used to launch destructive attacks, such as those against the Government of Costa Rica and the Irish Health Service Executive. Microsoft software development kits and APIs have also been abused as part of the malware coding and distribution infrastructure to target and mislead victims.