Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Targeted assaults on Twilio and Cloudflare staff members are related to a widespread phishing campaign that led to the compromise of 9,931 accounts at more than 130 firms.
Researchers gave the threat actors the nickname “0ktapus” because of their targeted misuse of the identity and access management company Okta. Although researchers are unsure of the precise method by which threat actors acquired a list of phone numbers used in MFA-related attacks, one theory they put forth is that 0ktapus attackers started their campaign by concentrating on telecommunications firms.
The 0ktapus attackers are thought to have started their campaign by concentrating on telecoms providers in an effort to obtain phone numbers of possible targets.
For more such updates follow us on Google News ITsecuritywire News