U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that’s known to employ sophisticated phishing tactics to infiltrate targets.
The threat actor, also tracked under the monikers Muddled Libra, Octo Tempest, 0ktapus, Scatter Swine, Star Fraud, and UNC3944, was the subject of an extensive profile from Microsoft last month, with the tech giant calling it “one of the most dangerous financial criminal groups.”
Scattered Spider, like LAPSUS$, is said to be part of a larger Gen Z cybercrime ecosystem that refers to itself as the Com (alternately spelled Comm), which has resorted to violent activity and swatting attacks.
A report from Reuters earlier this week disclosed that the U.S. Federal Bureau of Investigation (FBI) is aware of the identities of at least a dozen members of the cybercrime gang.
“The threat actors frequently join incident remediation and response calls and teleconferences, likely to identify how security teams are hunting them and proactively develop new avenues of intrusion in response to victim defenses,” the agencies noted.
The U.S. government is urging companies to implement phishing-resistant MFA, enforce a recovery plan, maintain offline backups, and adopt application controls to prevent the execution of unauthorized software on endpoints.
Source: https://thehackernews.com/