The financially motivated threat group Scattered Spider has shifted from attacking BPO and telecommunications entities to targeting the gaming industry. According to reports, the group is taking its credential-stealing campaign to a different landscape to compromise a different set of targets.
According to investigations, the Scattered Spider threat operators have focused on technology and video game-related firms. The attackers deployed numerous phishing pages last month, most of which impersonated Okta’s login portal. Some of the confirmed phishing pages also mimic Microsoft.
Cybersecurity experts explained that these attacks are aimed at Information Technology (IT) companies involved in developing financial and gaming software.
The Scattered Spider threat group utilises typo-squatted domains to deceive targets.
Researchers revealed that the Scattered Spider actors have been using several typo-squatted domains to bait their targets into visiting them. A recent tally of cybercriminal campaigns from the last few months shows ties to the group’s recent attacks.
One of the confirmed registered phishing domains impersonates the name of the video game company Riot Games. This company suffered a cybersecurity incident last month that led to the theft of the source code for two popular games.
However, there is no confirmation that the same threat group is behind the hack.
In addition, a fake domain impersonating the email marketing company Mailchimp has been spotted recently. Last month, this marketing company also revealed a breach of its network through phishing emails.
Numerous fake domains currently impersonate famous video game makers such as Zynga, Roblox, Salesforce, Grubhub, and Comcast.
Despite the different industries it targets, the Scattered Spider gang has consistently used the same strategy, namely phishing emails and typo-squatted domains, to increase the efficiency of its attacks.
Experts claimed that this recent transition by the Scattered Spider group could last for months, and that the group could move on to another industry afterwards. Organisations should be aware of these attacks to avoid the risk of falling victim to the Scattered Spider campaign.
