More than 130 companies have been targeted in a widespread phishing attack.
The attack, which has been dubbed “0ktapus” by security researchers, was a months-long campaign that targeted the likes of T-Mobile, AT&T, Slack, Twitter, Microsoft, and DoorDash.
Though Group-IB, the security team researching the breach, says that their analysis points to the attackers being inexperienced, the scale of the attack is massive. They suspect that the attack began back in March and that nearly 10,000 login credentials have been stolen.
The attackers imitated Okta, a popular single sign-on service in order to target accounts. The hackers sent text messages that prompted users with a fake authentication page. Once users entered their username, password, and two-factor authentication code, the information was sent to the attackers.
If you are worried that your login details have been compromised, Group-IB suggests not clicking any links that lead you directly to a login page. They also suggest using “unphishable” two-factor security keys like those from YubiKey.
by travelers, for travelers.