Cymulate named a Customers' Choice in 2025 Gartner® Peer Insights™
Learn More
New Gartner® Report: Strategic Roadmap for CTEM
Learn More
New Integration Partnership with WIZ!
Learn More
Threat Exposure Validation Impact Report 2025
Learn More
Book a Demo
Book a Demo

COBALT MIRAGE APT Group Leverages Drokbk Malware

December 18, 2022

An intrusion carried out by the COBALT MIRAGE threat group leveraged the multi-functional Drokbk malware for persistence and to execute additional commands received from the command-and-control server. The actor took advantage of two Log4j vulnerabilities in a VMware Horizon server for initial access. To determine its C2 server, the malware used the dead drop resolver technique and legitimate Internet services.

Featured Resources

View More Resources
image
blog

Enterprise Cloud Security: Best Practices and Guide

Enterprise cloud security is the framework of strategies, technologies and processes that protect sensitive workloads, applications and data across cloud

Read More
cymulate blog article
blog

Cymulate Expands WAF Validation with OAuth 2.0 Support

Avigayil Stein, Product Marketing ManagerYoni Harris, Product Manager Validating modern web applications just got easier  Cymulate now supports OAuth 2.0

Read More
Vulnerability Management Must Evolve to CTEM 
Guide

Vulnerability Management Must Evolve to CTEM 

Maximize your exposure management budget with a guide to prioritizing exploitable risks and building continuous resilience.

Learn More