Cobalt Strike
Cybersecurity statistics about cobalt strike
Top Vendors
Showing 1-4 of 4 results
China hosted 42.3% of all tracked Cobalt Strike infrastructure, the US hosted 18.9%, and Hong Kong hosted 15.8%.
Bridewell•5/27/2026•
ChinaUS
Cobalt Strike accounted for 38.4% of all OST output (3,944 of 10,272 tracked OST instances), maintaining its position as the primary adversary framework.
Bridewell•5/27/2026•
OST
The most prevalent malware families observed in 2025 are Cobalt Strike, Sliver, Metasploit, Burp, PlugX, SuperShell C2, Havoc, Panda C2, Brute Ratel, and ShadowPad.
Bridewell•5/27/2026•
Malware Sliver
PowerShell was the primary attack vector with 96,061 detections by Trellix, followed by Cobalt Strike with 85,986 detections targeting the IT-to-OT boundary.
Trellix•11/22/2025•
Operational technologyPowerShell