\n
![](\"https:\/\/readwrite.com\/wp-content\/uploads\/2024\/07\/Europol-shuts-down-almost-600-addresses-in-Cobalt-Strike-cybercrime-crackdown-900x600.png\")
<\/p>\n [ad_1]
\n<\/p>\n
Nearly 600 IP addresses have been dismantled by Europol<\/a> as part of a concerted effort to tackle cybercrime involving the misuse of the Cobalt Strike security tool<\/a>. The operation, dubbed Operation MORPHEUS, took place between June 24 and June 28, targeting older, unlicensed versions of the tool commonly used in criminal activities.<\/p>\n \u201cThroughout the week, law enforcement flagged known IP addresses associated with criminal activity, along with a range of domain names used by criminal groups, for online service providers to disable unlicensed versions of the tool. A total of 690 IP addresses were flagged to online service providers in 27 countries. By the end of the week, 593 of these addresses had been taken down,\u201d Europol said in a statement<\/a>.<\/p>\n \u26a0\ufe0fLaw enforcement teamed up with the private sector to stop criminals abusing Cobalt Strike to carry out attacks.<\/p>\n An action led by @NCA_UK<\/a> & coordinated from Europol HQ resulted in the takedown of 593 IP addresses linked to criminal activity.<\/p>\n Details \u2935\ufe0fhttps:\/\/t.co\/yrqiri7G4m<\/a> pic.twitter.com\/jJzrgOPh9t<\/a><\/p>\n \u2014 Europol (@Europol) July 3, 2024<\/a><\/p>\n<\/blockquote>\n Operation MORPHEUS was mainly led by the UK\u2019s National Crime Agency (NCA) and involved major contributions from authorities across Australia, Canada, Germany, the Netherlands, Poland, and the United States. Europol\u2019s European Cybercrime Centre (EC3) also played a role in coordinating international efforts and liaising with private sector partners.<\/p>\n The NCA has coordinated global action against illicit software which has been used by cybercriminals for over a decade to infiltrate victims\u2019 IT systems and conduct attacks.<\/p>\n FULL STORY \u27a1\ufe0f https:\/\/t.co\/FrbB3glUOk<\/a> pic.twitter.com\/nV6cciRj9g<\/a><\/p>\n \u2014 National Crime Agency (NCA) (@NCA_UK) July 3, 2024<\/a><\/p>\n<\/blockquote>\n Paul Foster, the NCA\u2019s threat leadership director, said<\/a> that although Cobalt Strike is a legitimate piece of software, cybercriminals have been exploiting its use for \u201cnefarious purposes\u201d.<\/p>\n He added: \u201cIllegal versions of it have helped lower the barrier of entry into cybercrime, making it easier for online criminals to unleash damaging ransomware and malware attacks with little or no technical expertise. Such attacks can cost companies millions in terms of losses and recovery.<\/p>\n \u201cI would urge any businesses that may have been a victim of cyber crime to come forward and report such incidents to law enforcement.\u201d<\/p>\n Cobalt Strike, developed by Fortra<\/a>, is a legitimate and widely used cybersecurity tool designed to help IT security professionals in performing attack simulations to uncover vulnerabilities. However, it can be exploited maliciously when in the hands of cybercriminals. Reports suggest that cracked copies of older versions like Ryuk, Trickbot, and Conti have been used in several high-profile malware and ransomware cases.<\/p>\n We\u2019ve partnered with Europol, the UK National Crime Agency, and several other private partners to protect the legitimate use of Cobalt Strike. https:\/\/t.co\/8IQWr10YBY<\/a> https:\/\/t.co\/gALYztQmdI<\/a><\/p>\n\n
\n
What is a Cobalt Strike attack?<\/h2>\n
\n