Sean Gallagher is Principal Threat Researcher, Sophos X-Ops. Prior to joining Sophos, he was an information security and technology journalist for over 30 years, including 10 as information security and national security editor for Ars Technica.
Three threat groups using the exact same scam kit stole from 90 victims, mostly during the period of June to August, using smart contracts to hijack wallets and transfer their contents without needing to bypass device security. To date, nearly $3 million has been stolen by the coordinated groups.
The commercial attack tool’s use by bad actors has faded after an initial flurry, while Cobalt Strike remains the go-to post-exploitation tool for many.