8 Legit Tools and Utilities That Cybercriminals Commonly Misuse

Cybercriminals have long been known for using legitimate tools and utilities for malicious activities. Recently, though, it has been observed by Positive Technologies that there has been a substantial increase in the use of “living-off-the-land” tactics. Why? Attackers that use legitimate tools are able to hide their activities in legitimate traffic. “Threat actors increasingly leverage dual-use tools or tools that are already preinstalled on targeted systems to carry out cyberattacks,” said Fortinet. The eight tools that are most commonly abused are: Cobalt Strike and Metasploit Pro, PowerShell, Windows Sysinternals, VNC, Windows Management Instrumentation (WMI), Mimikatz, TeamViewer, Trusted System Executables.

Relevant URL(s): https://www.darkreading.com/attacks-breaches/8-legit-tools-and-utilities-that-cybercriminals-commonly-misuse/d/d-id/1335254