Cracked Version of Cobalt Strike Hacking Toolkit Identified by Google

Google last week identified nearly 34 cracked versions of the Cobalt Strike hacking toolkit that have been released in the wild.

There are 275 different JAR files across builds 1.44 to 4.7 alpha, including the earliest version, shipped in November 2012. The latest version of Cobalt Strike is 4.7.2, which was released on May 30th, 2016.

Developed by Fortra (née HelpSystems), Cobalt Strike is a popular adversarial framework that red teams use to simulate attack scenarios and measure the resilience of their cyber defenses.

It includes a Team Server that controls infected devices remotely and delivers the Beacon, a highly developed implant.

In the last few years, unauthorized versions of the software have become a frequent weapon for many threat actors, who use it for all sorts of purposes.

Greg Sinclair, a reverse engineer at Google’s Chronicle subsidiary, said, “The intention of Cobalt Strike is to emulate a real cyber threat. While it’s being used to help defenders, malicious actors have found out about it and use it themselves as a robust attack payload.”

To help combat hacking, Google Cloud Threat Intelligence (GCTI) has released some open-source YARA rules to flag different types of malware.

In order to address the problem of spam, Sinclair proposes “to excise the bad versions while leaving the legitimate ones untouched.” He also said that their intention is to move the tool back to the domain of legitimate intelligence teams and make it harder for bad actors to abuse.
