Wednesday, September 28, 2022

0ktapus phishing campaign has attacked over 130 businesses

Shreya Christina (https://londonbusinessblog.com)

More than 130 organizations, including Twilio, DoorDash, and Signal, may have been compromised by hackers as part of a months-long phishing campaign nicknamed “0ktapus” by security researchers. Login credentials of nearly 10,000 people were stolen by attackers impersonating the popular single sign-on service Okta, according to a report from cybersecurity outfit Group-IB.

Targets received text messages that directed them to a phishing site. As the Group-IB report states, “From a victim’s point of view, the phishing site looks quite convincing because it’s very similar to the authentication page they’re used to seeing.” Victims were asked for their username, password and a two-factor authentication code. This information was then sent to the attackers.

Interestingly, Group-IB’s analysis suggests that the attackers were somewhat inexperienced. “The analysis of the phishing kit found that it was poorly configured and that the way it was developed provided the ability to extract stolen credentials for further analysis,” Roberto Martinez, senior threat intelligence analyst at Group-IB, told TechCrunch.

But inexperienced or not, the scale of the attack is enormous, with Group-IB detecting 169 unique domains targeted by the campaign. The 0ktapus campaign is believed to have started around March 2022, and about 9,931 credentials have been stolen so far. The attackers have cast their net widely and targeted multiple sectors, including finance, gaming and telecom. Domains listed by Group-IB as targets (but not as confirmed breaches) include Microsoft, Twitter, AT&T, Verizon Wireless, Coinbase, Best Buy, T-Mobile, Riot Games, and Epic Games.

Cash appears to be at least one of the motives for the attacks, with researchers stating, “When we see financial companies on the compromised list, we get the idea that the attackers were also trying to steal money. In addition, some of the targeted companies access crypto assets and markets, while others develop investment tools.”

Group-IB warns that we will likely not know the full extent of this attack for some time to come. To protect against similar attacks, Group-IB offers the usual advice: always check the URL of a site where you enter login credentials; treat URLs received from unknown sources with suspicion; and for extra protection, use an “unphishable” two-factor security key, such as a YubiKey.
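Why a relayed one-time code works for the attacker while a security key does not, shown as an added example (not from the article or Group-IB's report): the TOTP check has no notion of origin, whereas a WebAuthn relying party rejects an assertion whose browser-written origin or RP ID hash belongs to a look-alike site. The hostnames, secret and challenge are constructed, and signature verification, which a real server also performs so these fields cannot be rewritten, is omitted.

```python
import base64, hashlib, hmac, json, struct

RP_ID = "sso.example.com"               # assumed relying-party ID (constructed)
ORIGIN = "https://sso.example.com"      # assumed legitimate login origin
PHISH_HOST = "sso-example.invalid"      # constructed look-alike host

def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 one-time code (HMAC-SHA1, dynamic truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", now // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    num = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(num % 10 ** digits).zfill(digits)

def verify_totp(secret: bytes, code: str, now: int) -> bool:
    # The code carries no record of which site the user typed it into.
    return hmac.compare_digest(totp(secret, now), code)

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def browser_assertion(host: str, challenge: bytes):
    """Fields the browser and authenticator fill in; the page cannot set them."""
    client_data = json.dumps({"type": "webauthn.get", "origin": "https://" + host,
                              "challenge": b64url(challenge)}).encode()
    rp_id_hash = hashlib.sha256(host.encode()).digest()  # start of authenticatorData
    return client_data, rp_id_hash

def verify_binding(client_data: bytes, rp_id_hash: bytes, challenge: bytes) -> bool:
    """Relying-party checks on type, challenge, origin and RP ID hash."""
    cd = json.loads(client_data)
    return (cd.get("type") == "webauthn.get"
            and cd.get("challenge") == b64url(challenge)
            and cd.get("origin") == ORIGIN
            and hmac.compare_digest(rp_id_hash, hashlib.sha256(RP_ID.encode()).digest()))

def demo():
    secret, now, challenge = b"constructed-secret", 1_660_000_000, b"\x07" * 16
    # Code typed into the look-alike page and replayed 5 s later at the real one.
    relayed_totp_ok = verify_totp(secret, totp(secret, now), now + 5)
    real_ok = verify_binding(*browser_assertion(RP_ID, challenge), challenge)
    phish_ok = verify_binding(*browser_assertion(PHISH_HOST, challenge), challenge)
    return relayed_totp_ok, real_ok, phish_ok

if __name__ == "__main__":
    print(demo())
```
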

This recent series of phishing attacks is one of the most impressive campaigns of its magnitude to date, according to Group-IB. consequences of such incidents for their partners and customers.”

The magnitude of these threats is also unlikely to diminish anytime soon. Research by Zscaler shows that phishing attacks worldwide were up 29 percent in 2021 compared to the previous year and notes that SMS phishing in particular is growing faster than other types of scams as people have become better at recognizing fraudulent emails. Socially engineered scams and hacks were also seen during the COVID-19 pandemic, and earlier this year, we even saw both Apple and Meta sharing data with hackers posing as law enforcement officers.
