Recently, a deadly post-exploitation toolkit that was formerly employed for cybersecurity was cracked and made accessible to hacker communities. The toolkit’s potential for being put on other websites and for getting into the hands of various threat actors might have catastrophic consequences.
This could be harmful. The post-exploitation toolset in question, Brute Ratel C4, was created initially by Chetan Nayak. Since Nayak was formerly on the red team, he sought to breach the security of a network that the blue team was actively defending as part of his duty.
The two teams then assess the situation to see if any security flaws need to be rectified.
Brute Ratel was created for that reason. It was created for “red teamers” to use with the ultimate purpose of enabling them to remotely carry out commands on a compromised network. The remainder of the network would therefore be more easily accessible to the attacker as a result.
Cobalt Strike is suspected to be a variant of the Brute Ratel ransomware attack method, which has been widely utilized by ransomware gangs and is therefore quite easy to detect. Because of its license verification process and lack of popularity, Brute Ratel has generally been avoided by hackers. Any company found to be using the technology inappropriately or fraudulently risks having Nayak revoke their license.
That is now history as a result of the tool’s cracked version becoming readily accessible. It was posted to VirusTotal in its uncracked form at first, but a Russian team by the name of Molecules was able to crack it and fully remove the needed license from it. According to this, anyone who wants to hack may do it now if they know where to look.
