The infamous hackers who reportedly attacked more than 130 organizations last year and stole the credentials of almost 10,000 employees are still targeting several tech and video game companies, according to the report prepared by the cybersecurity firm CrowdStrike.
In the report, CrowdStrike calls the hackers “Scattered Spider,” adding that it has limited visibility into the hacking campaign given that it has no “additional forensic artifacts,” which would be the data obtained directly from targeted organizations. That’s why the company admits it has “low confidence” in its assessment that this is the activity by Scattered Spider.
However, two cybersecurity insiders told TechCrunch that the understanding within the industry is that Scattered Spider is the same group as 0ktapus.
“Scattered Spider continued deploying numerous phishing pages in January 2023. CrowdStrike Intelligence assesses the adversary has likely expanded its target scope to include technology sector companies specializing in gaming or financial software while maintaining a prior focus on business process outsourcing (BPO) companies and cellular providers,” the report reads.
It is unclear if this is the same group that hacked Riot Games last month, but in a list of phishing domains included in the report, there’s one that was clearly made to target the video game giant as it includes the name of the company in the URL.
Among other phishing domains, there are also those tailored to impersonate video game makers Roblox and Zynga, email marketing, and newsletter giant Mailchimp and its parent company Intuit, Salesforce, Comcast, Grubhub, and TaskUs.
Speaking of Mailchimp, it disclosed that it had been hacked in January, which would be the second hack against the company in six months. At the time, Mailchimp said the hackers targeted its employees via phishing.
The report added that most of the hacking group’s phishing pages were designed to mimic Okta login portals, “while a much smaller number impersonated Microsoft.”
Our take: We have been writing extensively about the dangers of phishing, and we’ll yet again remind you to read all articles. Here they are:
- Hackers & Passwords: How Do They Get Them?
- What is a Phishing Email?
- Spear Phishing vs Phishing
- Smishing Definition
- What is Vishing?
- Here’s How to Avoid Phishing Scams
There is no technology to protect you against phishing – you have to use your brain to check the URL, email headers, content, and other things in order to determine whether a page is legitimate or not. That being said, you are still much better off with a VPN turned on, as it can and will detect suspicious code on the page and filter it out for you. So, if you still don’t have it – get one today!