8.1 C
London
Sunday, February 5, 2023

0ktapus phishing campaign has attacked over 130 businesses

Must read

Who is Johanna Leia Boyfriend? Is she dating Drake?

Johanna Leia is a Los Angeles-based reality TV star, social media influencer and model. She has modeled for various swimwear brands and other...

Pervez Musharraf, Pakistani ex-president and US ally in ‘war on terror’, dies at 71

General Pervez Musharraf, who seized power in a bloodless coup and later led an unwilling Pakistan to aid the US war in Afghanistan against...

India blocks more than 230 gambling and lending apps, many with ties to China londonbusinessblog.com

India will block 232 apps, some with links to China, that offer gambling and loan services in the South Asian market to prevent misuse...

The impact investor and climate correspondent walk into a bar • londonbusinessblog.com

Hello and welcome back to Equitya podcast about the business of startups, where we unravel the numbers and nuances behind the headlines. This week Natasha...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

More than 130 organizations, including Twilio, DoorDash, and Signal, may have been compromised by hackers as part of a months-long phishing campaign nicknamed “0ktapus” by security researchers. Login credentials of nearly 10,000 people were stolen by attackers impersonating the popular single sign-on service Okta. report of cybersecurity outfit Group-IB.

Targets received text messages that directed them to a phishing site. As the Group-IB report states, “From a victim’s point of view, the phishing site looks quite convincing because it’s very similar to the authentication page they’re used to seeing.” Victims were asked for their username, password and a two-factor authentication code. This information was then sent to the attackers.

Interestingly, Group-IB’s analysis suggests that the attackers were somewhat inexperienced. “The analysis of the phishing kit found that it was poorly configured and that the way it was developed provided the ability to extract stolen credentials for further analysis,” said Roberto Martinez, senior threat intelligence analyst at Group-IB, told TechCrunch.

But inexperienced or not, the scale of the attack is enormous, with Group-IB detecting 169 unique domains targeted by the campaign. It is believed that the 0ktapus campaign started around March 2022 and about 9,931 credentials have been stolen so far. The attackers have spread their network widely and target multiple sectors, including finance, gaming and telecom. Domains listed by Group-IB as targets (but no confirmed infringements) include Microsoft, Twitter, AT&T, Verizon Wireless, Coinbase, Best Buy, T-Mobile, Riot Games, and Epic Games.

Cash appears to be at least one of the motives for the attacks, with researchers stating, “When we see financial companies on the compromised list, we get the idea that the attackers were also trying to steal money. In addition, some of the targeted companies access crypto assets and markets, while others develop investment tools.

Group-IB warns that we will likely know the full extent of this attack for some time to come. To protect against similar attacks like this, Group-IB offers the usual advice: always check the URL of a site where you enter login credentials; treat URLs received from unknown sources with suspicion; and for extra protection, you can use an “unphishable” two-factor security keys, such as a YubiKey.

This recent series of phishing attacks is one of the most impressive campaigns of its magnitude to date, according to Group-IB. consequences of such incidents for their partners and customers.”

The magnitude of these threats is also unlikely to diminish anytime soon. Research by Zscaler shows that phishing attacks worldwide are up 29 percent in 2021 compared to the previous year and notes that SMS phishing in particular is growing faster than other types of scams as people have come to recognize fraudulent emails better. Socially manipulated scams and hacks were also seen during the COVID-19 pandemicand earlier this year, we even saw both Apple and Meta sharing data with hackers posing as law enforcement officers.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Who is Johanna Leia Boyfriend? Is she dating Drake?

Johanna Leia is a Los Angeles-based reality TV star, social media influencer and model. She has modeled for various swimwear brands and other...

Pervez Musharraf, Pakistani ex-president and US ally in ‘war on terror’, dies at 71

General Pervez Musharraf, who seized power in a bloodless coup and later led an unwilling Pakistan to aid the US war in Afghanistan against...

India blocks more than 230 gambling and lending apps, many with ties to China londonbusinessblog.com

India will block 232 apps, some with links to China, that offer gambling and loan services in the South Asian market to prevent misuse...

The impact investor and climate correspondent walk into a bar • londonbusinessblog.com

Hello and welcome back to Equitya podcast about the business of startups, where we unravel the numbers and nuances behind the headlines. This week Natasha...

Who is Samie Elishi from “Love Island” 2023?

Love Island 2023 often brings new bombs to the villa. The islanders this time welcomed Samie Elishi, a 22-year-old resident of London. ...