(ANSA) – Rome, August 29 – A major phishing campaign has affected more than 130 companies, many in the United States. It was called Oktapus and was discovered by Group-IB researchers.
Cybercriminals took advantage of the notoriety of Okta, a California company that provides access and identity management services.
The campaign was launched in March 2022, with the main goal of cybercriminals being to obtain Okta credentials and two-factor authentication codes from company employees. Received text messages with links to phishing sites impersonating an Okta login page. The Oktapus campaign made it possible to steal 9,931 credentials used to break into companies’ IT systems via VPNs and other remote access devices. The number of individual domains targeted by hackers is huge, totaling 169. In addition to Twillo, DoorDash and Signal, the list of domains also includes AT&T, Verizon, Coinbase, Best Buy, T-Mobile, Riot Games and Epic Games.
According to the specialized website TechCrunch, one of the warning bells was the warning issued by the Signal messaging service on August 15, which hacked Twilio – a technology company – that allowed 1,900 cybercriminals to be exposed. Signal calculation.
“Oktapus shows how vulnerable modern companies are to some simple social engineering attacks and how far the consequences of these incidents go to their partners and customers,” Group-IB experts explain.
Reproduction reserved © Copyright ANSA
“Gamer. Professional beer expert. Food specialist. Hardcore zombie geek. Web ninja. Troublemaker.”