Hackers take this information and try to log into an employee’s account, triggering a 2FA verification process. As an employee types their username and password into an 0ktapus webpage, it’s automatically forwarded to a secret Telegram channel. So, 0ktapus’ webpages imitate the Okta identification system. If an unknown device tries to log in to an employee’s account, the employee receives a verification code on their phone. And they all protect employee accounts using two-factor authentication (2FA). A link embedded in the text messages leads to a fake version of their employer’s website, prompting the user to update their password.Įvery company targeted in this campaign uses Okta Identity and Access Management services.
Basically, a ton of employees at targeted companies (including former employees) are sent “automated” text messages warning that their login information has expired. DoorDash warns that a small group of customers had their login and payment info stolen.Ī Cloudflare report explains how the 0ktapus scheme operates. Both companies say that user data was accessed by hackers, though Twilio says that login credentials are safe. And surprisingly, the list of 0ktapus targets includes Microsoft, AT&T, Verizon, Coinbase, and Twitter-again, these companies are targets, and we don’t know if they were successfully hacked.Īs of August 26th, Twilio and DoorDash are the only major companies that have announced an 0ktapus data breach. corporations, minus a few outliers based in other countries across the globe. The 0ktapus phishing campaign focuses on major U.S. 0ktapus Stole Nearly 10,000 Login Credentials But it is related to the Twilio and DoorDash attacks that were reported on August 8th and August 25th. The extent of this hacking campaign, dubbed “0ktapus,” may take several years to fully unravel.įor clarity, this phishing campaign has nothing to do with LastPass’s recent data breach.
Security researchers are investigating a large-scale phishing attack that targeted over 130 companies, including financial institutions, messaging services, and telecom operators.
0 kommentar(er)
