Microsoft: Scattered Spider Widens Web With RansomHub & Qilin

Published: 23/11/2024   Category: security




The gang already uses varied tools in its attacks, such as phishing, SIM swapping, and MFA fatigue.



Octo Tempest, a threat actor also known as Scattered Spider, has added RansomHub and Qilin to its repository for use in attacks, Microsoft's Threat Intelligence Team is warning.
The gang, which first arrived on the scene in 2022, is known for its social engineering techniques, which Microsoft describes as sophisticated, as well as identity compromises, targeting of VMware ESXi servers, and deployment of BlackCat ransomware. It was also infamously behind the massive ransomware attacks on Caesars Palace and MGM Entertainment last year.
Other tactics, techniques, and procedures (TTPs) the group is known to use include impersonating IT employees to deceive company staff into providing credentials or gaining persistence using remote access tools, as well as phishing, MFA bombing, and SIM swapping.
Qilin ransomware also surfaced in 2022 under a different name, Agenda, but quickly rebranded. The group is known to have targeted and claimed more than 130 companies, demanding ransoms ranging from as low as $25,000 to well into the millions, and is developing a customizable Linux encryptor to target VMware ESXi servers, according to Microsoft.
RansomHub, meanwhile, is a ransomware-as-a-service (RaaS) offering that is becoming increasingly favored by threat actors, making it one of the most widespread ransomware families today, the tech giant said via X.
Octo Tempest accounts for a significant number of the investigations that the Microsoft team covers, it said, and has dominated incident response engagements it has received since first gaining attention through its oktapus campaign, which targeted over 130 well-known organizations.
