Cybercriminal Organization Exploits Vulnerability in Outdated Windows Drivers to Bypass Security Products


Recent attacks on telecom and BPO companies have exploited an old vulnerability in an Intel Ethernet diagnostics driver for Windows.

The group behind these attacks is known as Scattered Spider. The threat actor, also tracked as Roasted 0ktapus and UNC3944, has been targeting telecom and business process outsourcing (BPO) companies since June 2022 in order to gain access to mobile carrier networks.

CrowdStrike reported in December 2022 that, following a compromise, the threat actor deployed virtual private network (VPN) and remote monitoring and management (RMM) tools. The threat actor was also seen using phishing and social engineering to obtain victims' credentials and one-time passwords (OTPs).
