Key findings:
Linux malware is fully undetected by vendors.
Has IoC and technical overlaps with previously discovered Windows DLL files.
Highly targeted, with victims including telecommunications, government and finance.

Cobalt Strike is a popular red team tool for Windows which is also heavily used by threat actors. At the time of this writing, there is no official Cobalt Strike version for Linux. In August 2021, we at Intezer discovered a fully undetected ELF implementation of Cobalt Strike’s beacon, which we named Vermilion Strike. The stealthy sample uses Cobalt Strike’s Command and Control (C2) protocol when communicating with the C2 server and has remote access capabilities such as uploading files, running shell commands and writing to files.