Over 130 companies hacked, data of 10K employees compromised


New Delhi, Aug 25 (IANS): Over 130 organisations have been compromised in a sophisticated attack using simple phishing kits, that exposed the credentials of close to 10,000 employees.

Same hackers attacked communications giant Twilio and as part of the breach, end-to-end encrypted messaging app Signal revealed last week that hackers accessed the phone numbers and SMS verification codes of 1,900 users.

According to cybersecurity company Group-IB, the attack on Twilio was part of a wider campaign by "0ktapus" hacking group.

Based on the request from our client, and from public reports made by Twilio and Cloudflare, the attacks were well designed and executed," Group-IB said in a blogpost.

The attackers targeted employees of companies that are customers of Identity and Access Management (IAM) leader Okta.

These employees received text messages containing links to phishing sites that mimicked the Okta authentication page of their organisation.

In total, the Group-IB Threat Intelligence team detected 169 unique domains involved in the Oktapus campaign.

"At this time, it became very clear that the threat actors' immediate intentions were to gain access to the corporate services of the organisations," said the researchers.

Twilio, which owns popular two-factor authentication (2FA) Authy, earlier said that it became aware of unauthorised access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

The Group-IB analysis shows that most targeted companies are located in the US. Some of the affected are headquartered in other countries but have US-based employees that were targeted.

 

  

Top Stories


Leave a Comment

Title: Over 130 companies hacked, data of 10K employees compromised



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.