The FBI has learned of an August 2021 attempt by an unknown cyber actor to use Cobalt Strike to gain unauthorized access to a US company’s network after compromising an employee’s endpoint device. The employee unintentionally installed malware on their device when, while visiting a restaurant’s website, a fraudulent requirement popped up informing the employee their web browser needed to be updated to access certain features on the website. Once the employee clicked through the requirement, the malware downloaded, including Cobalt Strike.