Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike
released on 2021-09-13 @ 03:14:17 PM
In August 2021, Intezer discovered a fully undetected ELF implementation of Cobalt Strike’s beacon, which they named Vermilion Strike. The stealthy sample uses Cobalt Strike’s Command and Control (C2) protocol when communicating with the C2 server and has remote access capabilities such as uploading files, running shell commands, and writing to files.