Over 130 companies’ employee data compromised by hackers
Over 130 organisations have been compromised in a sophisticated attack that used simple phishing kits and exposed the credentials of close to 10,000 employees. The same hackers attacked communications giant Twilio.
As part of the breach, the end-to-end encrypted messaging app Signal revealed that hackers accessed the phone numbers and SMS verification codes of 1,900 users. Twilio, which owns the popular two-factor authentication (2FA) service Authy, earlier said that it became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.
The attackers targeted employees of companies that are customers of the identity and access management (IAM) provider Okta. These employees received text messages containing links to phishing sites that mimicked their organisation's Okta authentication page.
According to cybersecurity company Group-IB, the attack on Twilio was part of a wider campaign by the “0ktapus” hacking group. Group-IB said, “Based on the request from our client, and from public reports made by Twilio and Cloudflare, the attacks were well designed and executed.”
In total, the Group-IB Threat Intelligence team detected 169 unique domains involved in the 0ktapus campaign. The Group-IB analysis shows that most of the targeted companies are located in the US. Some of the affected companies are headquartered in other countries but have US-based employees who were targeted.