About a year ago, Palo Alto Networks, a US security firm, started receiving reports from numerous companies that had fallen victim to unusual hacking methods. In these attacks, English-speaking hackers would call a company’s helpdesk posing as an employee and request login details by claiming to have forgotten their own. These hackers were highly skilled at social engineering and bypassing multi-factor authentication, making them more sophisticated than typical cybercriminals. Wendi Whitmore, the senior vice president for Palo Alto Networks’ Unit 42 threat intelligence team, compared their tactics to those of nation-state actors. The group, known by various names including Scattered Spider, Muddled Libra, and UNC3944, recently gained attention for breaching the systems of MGM Resorts and Caesars Entertainment, two major gambling companies. However, according to analysts, they have targeted many more companies and are expected to continue doing so. The FBI is currently investigating the breaches at MGM and Caesars. CrowdStrike has tracked 52 global attacks by this group since March 2022, while Mandiant recorded over 100 intrusions in the last two years. Nearly every industry has been impacted by these attacks. These hackers are not only skilled but also ruthless in their interactions with victims. They breach and extract data from company systems quickly, overwhelming security response teams. They have also left threatening notes on victim organization systems and have even resorted to SWATing, making false emergency calls to send armed police units to targeted executives’ homes. Kevin Mandia, the founder of Mandiant, believes these attacks are not just about money but also about power, influence, and notoriety. The hackers appear to be predominantly aged between 17 and 22, based on their conversations with victims. They acquire employee information, including passwords, through social engineering techniques such as SIM swapping. They also study large organizations to identify individuals with privileged access. The recent MGM hack was particularly impactful, causing chaos in Las Vegas with stalled gaming machines and disrupted hotel systems. Ransomware attacks continue to evolve as cybercriminals adapt to the latest security measures. The tactics employed by Scattered Spider are reminiscent of Lapsus$, another group that targeted Okta and Microsoft. In response to these attacks, cybersecurity specialists are working hard to develop effective defense strategies.
Denial of responsibility! Vigour Times is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
