FBI warns on Scattered Spider hackers, urges victims to come forward

Caesars Entertainment Inc MGM Resorts International Microsoft Corp SAN FRANCISCO, Nov 16 - The FBI warned organizations to guard against the Scattered Spider hacking group, which has breached dozens of American organizations over the past year, stealing their sensitive data for extortion. The FBI alert follows a Reuters report this week that said the agency had struggled to stop these hackers that are known to be skilled at using fake profiles and impersonations to trick a victim organisation's help desk into giving them access. They were behind the September hacks into casino companies MGM Resorts International and Caesars Entertainment, but have intruded various organisations from telecom companies to healthcare groups, security researchers say. The statement, issued jointly with the U.S. Cybersecurity and Infrastructure Security Agency, sheds new light into how these hackers operate. Even after they've gained access into an organization's systems, the hackers keep checking its internal communication channels such as Slack, Microsoft Teams, and Microsoft Exchange online, for emails or conversations that might show if their breach had been discovered, the statement said. Advertisement Scroll to continue The criminals "Frequently join incident remediation and response calls and teleconferences, likely to identify how security teams are hunting them and proactively develop new avenues of intrusion in response to victim defenses," it added. The FBI and CISA urged critical infrastructure organisations to implement a series of security measures they recommended and urged victim organisations to share information about the hacks with the agencies. Advertisement Scroll to continue Everything from a sample ransom note, communications with the hackers, their cryptocurrency wallet information, or samples of malicious files could be useful, they said. "FBI and CISA do not encourage paying ransom as payment does not guarantee victim files will be recovered," they said, adding that ransom payments may embolden the hackers into going after more targets.

This Cyber News was published on www.reuters.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to FBI warns on Scattered Spider hackers, urges victims to come forward

Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack - The group behind the high-profile MGM cyberattack in September has resurfaced in yet another sophisticated ransomware attack, in which the actor pivoted from a third-party service environment to the target organization's on-premise network in only an ...
1 year ago Darkreading.com Scattered Spider
Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack - The group behind the high-profile MGM cyberattack in September has resurfaced in yet another sophisticated ransomware attack, in which the actor pivoted from a third-party service environment to the target organization's on-premise network in only an ...
1 year ago Darkreading.com Scattered Spider
As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs - Scattered Spider hackers have been tearing through the finance and insurance sectors, all while authorities are preparing legal actions to stop them. A game of cops and robbers is playing out between the FBI and Scattered Spider, the cybercrime ...
11 months ago Darkreading.com Scattered Spider
Scattered Spider Employs Sophisticated Attacks to Steal Login Credentials & MFA Tokens - To counter this threat, Silent Push has developed Indicators of Future Attack (IOFA) feeds that track Scattered Spider infrastructure, including recently observed domains like “klv1.it.com” targeting Klaviyo and multiple others ...
2 weeks ago Cybersecuritynews.com Scattered Spider
Scattered Spider member pleads guilty to identity theft, wire fraud charges | The Record from Recorded Future News - Urban, who goes by the alias "Sosa," “Elijah,” and “King Bob” was "part of a group of loosely organized individuals who engage in account takeovers and [stole] cryptocurrency from online exchanges" from August 2022 through ...
3 weeks ago Therecord.media Scattered Spider
Scattered Spider Attacking Finance & Insurance Industries - Hackers very frequently target the finance and insurance sectors due to the large volumes of sensitive data that they own. These areas manage huge quantities of valuable as well as critical financial information, personal identities, and intellectual ...
11 months ago Gbhackers.com Scattered Spider
FBI warns on Scattered Spider hackers, urges victims to come forward - Caesars Entertainment Inc MGM Resorts International Microsoft Corp SAN FRANCISCO, Nov 16 - The FBI warned organizations to guard against the Scattered Spider hacking group, which has breached dozens of American organizations over the past year, ...
1 year ago Reuters.com Scattered Spider
Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
1 year ago Jdsupra.com
US Congress Report Calls for Privacy Reforms After FBI Surveillance 'Abuses' - The FBI and the Biden administration at large have lobbied Congress to reauthorize the 702 program as is, ignoring calls for reform that have grown louder since the beginning of the year, manifesting this month in the form of a comprehensive privacy ...
1 year ago Wired.com
Marks & Spencer breach linked to Scattered Spider ransomware attack - Scattered Spider, also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest, and Muddled Libra, is a group of threat actors that are adept at using social engineering attacks, phishing, ...
1 day ago Bleepingcomputer.com Scattered Spider
FBI: ALPHV ransomware raked in $300 million from over 1,000 victims - The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023, according to the Federal Bureau of Investigation. In the joint advisory published today in collaboration ...
1 year ago Bleepingcomputer.com LockBit Noescape
How the FBI seized BlackCat ransomware's servers - An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs. Today, the US Department of Justice confirmed that they seized websites for the ALPHV ransomware ...
1 year ago Bleepingcomputer.com LockBit Noescape
FBI warns of gift card fraud ring targeting retail companies - The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024. Tracked as Storm-0539, this hacking group ...
11 months ago Bleepingcomputer.com
Clorox says cyberattack caused $49 million in expenses - Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. Clorox is an American manufacturer of consumer and professional cleaning products with 8,700 employees ...
1 year ago Bleepingcomputer.com Scattered Spider
FBI disrupts Moobot botnet used by Russian military hackers - The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies. This network of hundreds of ...
1 year ago Bleepingcomputer.com Fancy Bear APT28 Turla Volt Typhoon
BlackCat Ransomware Raises Ante After FBI Disruption - The U.S. Federal Bureau of Investigation disclosed today that it infiltrated the world's second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang's darknet website, and released ...
1 year ago Krebsonsecurity.com
How the FBI Infiltrated the Hive Ransomware Gang Systems - The FBI has recently infiltrated the systems of the Hive ransomware gang, one of the most sophisticated and successful global cybercrime gangs. This infiltration is a major victory for the FBI in its fight against ransomware, cybercrime, and other ...
2 years ago Bleepingcomputer.com
The Startup That Transformed the Hack-for-Hire Industry - If you're looking for a long read to while away your weekend, we've got you covered. First up, WIRED senior reporter Andy Greenberg reveals the wild story behind the three teenage hackers who created the Mirai botnet code that ultimately took down a ...
1 year ago Wired.com Scattered Spider
FBI's latest defense of warrantless S. 702 snooping is China The Register - Analysis The FBI's latest PR salvo, as it fights to preserve its warrantless snooping powers on Americans via FISA Section 702, is more big talk of cyberattacks by the Chinese government. Wray cited an example he's used previously about how, last ...
1 year ago Go.theregister.com Volt Typhoon
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches - In January, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, a Chinese cybersecurity firm believed to be directly involved in the Salt Typhoon telecom ...
4 days ago Bleepingcomputer.com
Twisted Spider's Dangerous CACTUS Ransomware Attack - In a sophisticated cyber campaign, the group Twisted Spider, also recognized as Storm-0216, has joined forces with the cybercriminal faction Storm-1044. Employing a strategic method, they target specific endpoints through the deployment of an initial ...
1 year ago Cysecurity.news Cactus
CVE-2016-4839 - The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior ...
3 years ago
CVE-2016-4838 - The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior ...
3 years ago
FBI Director: FISA 702 warrant requirement 'de facto ban' The Register - FBI director Christopher Wray made yet another impassioned plea to US lawmakers to kill a proposed warrant requirement for so-called "US person queries" of data collected via the Feds' favorite snooping tool, FISA Section 702. This controversial ...
1 year ago Theregister.com
FBI: Scammers pose as FBI IC3 employees to 'help' recover lost funds - Two years ago, the FBI warned of widespread fraud schemes in which scammers impersonate government or law enforcement officials by spoofing authentic phone numbers and using fake credentials to steal personally identifiable information or extort ...
1 week ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)