Considering how flawed we are from an overall standpoint, human beings have tried, every once in a while, to run away from their imperfections. No, while not all of our attempts were wholly successful, some did deliver positive results, with technology really appearing as the biggest yield of all. The reason why technology gets to stay above the rest here is inspired by the creation’s unprecedented skill-set that wasted no time in making us smarter than ever before. This ushered us towards some incredible possibilities, but like us, technology notably came with its own set of flaws. These flaws will show up in various different forms, and yet their biggest representation will only arrive once we recognize the risk of cybersecurity. You see, alongside making us significantly smarter, technology’s expansive nature also turned us into our most vulnerable selves. Such a dynamic, unsurprisingly enough, set the perfect stage for certain bad actors to exploit others, and consequentially, fulfil their own ulterior motives. In fact, the risk in play here will only get bigger over time, and a recent phishing campaign does a lot to prove the same.
According to report from the cybersecurity outfit Group-IB, more than a 130 organizations, including Twilio, DoorDash, Cloudflare, and more, have been sensationally compromised in what is being deemed as a month-long phishing campaign. Going by the available details, the attack saw over a whopping 10,000 people getting their login credentials stolen, but mind you, the tactics used to orchestrate the entire runner were pretty basic. In a nutshell, the hackers imitated as the popular single sign-on service, Okta, and sent a text to all the target employees that redirected them to a phishing website. Here, they were asked to fill in their username, password, and a two-factor authentication code. As soon as these targets entered all the relevant details, it was passed on to the hackers for them to gain an unauthorized access into the stated employees’ accounts.
“The analysis of the phishing kit revealed that it was poorly configured and the way it had been developed provided an ability to extract stolen credentials for further analysis,” said Roberto Martinez, a senior threat intelligence analyst at Group-IB.
Poorly configured or not, the campaign still managed to impact an estimated 169 domains. However, what was really the motivating factor behind the attack? While the wider goal remains unknown, one of the objectives is understood to revolve around the financial aspect.
“Seeing financial companies in the compromised list gives us the idea that the attackers were also trying to steal money. Furthermore, some of the targeted companies provide access to crypto assets and markets, whereas others develop investment tools,” the researchers at Group-IB said.
As hard as it looks to top such an enormous attack, the frequency and scale of these attacks isn’t expected to dwindle down anytime soon. With phishing attacks going up by 29% in 2021 compared to the previous year, the latest one gives us every reason to believe that the trend will continue, at least for the foreseeable future.