Europol disrupts around 600 abusive Cobalt Strike servers

From September 2021, Europol’s European Cybercrime Center (EC3) assisted the operation with analytical and research support and information exchange between all partners. Additionally, law enforcement has implemented a “malware sharing platform,” inviting private partners to add real-time threat intelligence to the effort.

“Throughout the investigation period, more than 730 pieces of threat intelligence containing approximately 1.2 million indicators of compromise were shared,” Europol said. “The disruption does not end here. Law enforcement will continue to monitor and take similar actions as long as criminals continue to abuse older versions of this tool.”

An often-abused pen-testing tool

Cobalt Strike, a commercial pen-testing tool originally designed for red teaming and adversary simulation, has occasionally been abused by cybercriminals to carry out attacks or install challenging malware. The biggest such case was the SolarWinds attack reported in December 2020, in which a customized Cobalt Strike Beacon was downloaded with official updates of the Orion platform.

