
Operation Morpheus: Europol hits cybercrime hard

A vast network of illegal servers discovered and neutralized: the global fight against cyber threats enters a new phase

Operation Morpheus, coordinated by Europol, disabled nearly 600 Cobalt Strike servers used by cybercriminals. Pirated versions of this pentesting tool have been exploited for cyber attacks. Public-private collaboration has been crucial to this success.


In an action coordinated by Europol, called Operation Morpheus, almost 600 Cobalt Strike servers used by cybercriminals were shut down. The result was achieved through collaboration between law enforcement agencies from several countries, including the United States, United Kingdom, Germany, Australia, Canada, the Netherlands and Poland, with the involvement of private sector partners such as BAE Systems Digital Intelligence, Trellix, Spamhaus, abuse.ch, and The Shadowserver Foundation. These partners provided essential support through advanced scanning, telemetry and analytics capabilities. The operational phase of Operation Morpheus took place between 24 and 28 June and was the culmination of an investigation launched in 2021, during which Europol coordinated activities through more than 40 meetings between law enforcement representatives and private-sector partners, and set up a virtual command for the operational week.

Cobalt Strike: from legitimate tool to cybercrime resource

Cobalt Strike was created by Fortra (formerly HelpSystems) as a legitimate penetration testing tool. Over time, however, pirated versions of the software have been exploited by cybercriminals to conduct infiltration, compromise, sabotage and extortion operations. In particular, government-affiliated hacker groups have found Cobalt Strike to be a useful resource for maintaining persistent access to breached networks. The program has thus become a serious threat not only for cybersecurity companies, but also for large global companies worried about the malicious capabilities that hackers can obtain by exploiting it.

The legal action and contributions from large companies

The criminal use of Cobalt Strike had already put several large companies on alert. Last April, Fortra teamed up with Microsoft and the Health Information Sharing and Analysis Center to take legal action against servers hosting pirated copies of the software. In a previous move, in November 2022, Google Cloud Threat Intelligence made public a set of indicators of compromise and 165 YARA rules, aimed at helping analysts and security managers detect the presence of Cobalt Strike in corporate networks. These initiatives highlight how the private sector is deploying resources and innovative solutions to combat the abuse of legitimate tools by cybercrime.

Future predictions: constant vigilance against cyber threats

Europol stated that Operation Morpheus does not represent the end of activities against the abuse of Cobalt Strike by cybercriminals. Law enforcement and affected entities will continue to monitor and take similar actions as long as these threats persist. The cybersecurity community therefore remains vigilant and prepared to respond to the challenges posed by pirated versions of pentesting tools, confirming the importance of constant collaboration between the public and private sectors to improve network security and prevent cybercriminal activity.


07/04/2024 10:33

Marco Verro
