Cybercriminals are turning security tools into a means of attack

 in a odd turn of activities, famous penetration testing gear have been observed as being most commonly used by attackers. cybersecurity researchers at recorded destiny's insikt organization discovered cobalt strike and metasploit as the maximum popular option for website hosting malware command and manage (c&c) servers.

the researchers gathered more than 10,000 unique c&c servers across at least 80 malware families via 2020. 

“the maximum usually observed households had been ruled by way of open source or commercially available tooling,” the researchers wrote.

take a look at out our roundup of the great endpoint protection answers

here are a number of the great malware elimination software program

live safe with these fine ransomware protection gear

wrong side of the fence

penetration trying out tools, also referred to as offensive protection equipment, and red teaming equipment, have also found their manner within the attackers' toolkits in current years, the report discovered.

whilst cobalt strike accounted for 1,441 of the c&c servers, metasploit accompanied near in the back of with 1,122. together, the 2 had been located in 25% of the entire c&c servers. moreover, the group additionally observed the adoption of lesser-recognised open supply tools including octopus c2, mythic, and covenant. 

https://www.techradar.com/news/nvidia-in-2021-amperes-continued-domination

outlining the motives for his or her recognition, the researchers word that these tools have graphical person interfaces, and are thoroughly documented, which makes them less difficult to use, even by pretty inexperienced attackers.

https://www.facebook.com/patient/

that said, several of the groups who abused those tools have been nation-backed bad actors, in line with the researchers, and were engaged in espionage operations. 

https://careers.twitter.com/

“over the subsequent year, recorded future expects further adoption of open supply tools that have currently gained recognition, mainly covenant, octopus c2, sliver, and mythic,” write the researchers. 

https://www.pinterest.com/patriciaglass53/httpwwwpintrestcompglassboard/

the researcher’s report additionally carries numerous other interesting findings. as an example, the top 4 website hosting vendors with the most variety of c&c servers of their infrastructure, particularly amazon, digital ocean, choopa, and zenlayer, were all primarily based in the u.s.