Illicit Cobalt Strike Usage Plummets After Crackdown

Dismantling malicious domains taking less than two weeks.

Detected malicious versions of Fortra's Cobalt Strike commercial penetration testing tool have dropped by 80 percent in the last two years.

In a joint crackdown by Fortra, Microsoft and the Health Information Sharing and Analysis Center, over 200 domains involved in illicit Cobalt Strike use have been sequestered and sinkholed.

According to SC US, the malicious versions were leveraged by numerous threat actors, including state-backed advanced persistent threat groups and ransomware gangs.

Efforts to dismantle hosts are taking less than a week in the U.S. and less than two weeks worldwide, according to a Fortra analysis.

Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
