Cobalt Strike is an adversary simulation platform intended for assessing a network’s security against an advanced threat actor. There are tens of servers running an older version of the platform, some of which may have been obtained illegally and deployed for malicious intentions. Some users on hacker forums offered $25,000 to anyone in the U.S. that could get a genuine copy of the product. Recorded Future’s Insikt Group scanned the internet searching for clues that may indicate an unpatched server.
Source: https://www.bleepingcomputer.com/news/security/threat-actors-use-older-cobalt-strike-versions-to-blend-in/