"Cobalt Strike Usage Explodes Among Cybercrooks"

Researchers from Proofpoint have found that the use of Cobalt Strike by cybercriminals is increasing. The researchers stated that the tool has now "gone fully mainstream in the crimeware world." The researchers have tracked a year-over-year increase of 161 percent in the number of real-world attacks where Cobalt Strike has shown up. That 161 percent increase happened between 2019 and 2020, but cybercriminals have not lost their taste for Cobalt Strike in 2021, and the researchers stated that it is still a high-volume threat. Cobalt Strike sends out beacons to detect network vulnerabilities. When used as intended, it simulates an attack. However, threat actors have figured out how to turn it against networks to exfiltrate data, deliver malware and create fake command-and-control (C2) profiles that look legit and slip past detection.

Threatpost reports: "Cobalt Strike Usage Explodes Among Cybercrooks"