CyberSecurityBoard
Sponsor Register Login

Qantas discloses cyberattack amid Scattered Spider aviation breaches

Scattered Spider (also tracked as 0ktapus, UNC3944, Scatter Swine, Starfraud, and Muddled Libra) is a group of threat actors known for their conducting social engineering and identity-based attacks against organizations worldwide, commonly using phishing, SIM swapping, MFA bombing, and help desk phone calls to gain access to employee credentials. After recently focusing on retail and insurance companies, cybersecurity firms warned on Friday that Scattered Spider had shifted its attention to aviation, with recent attacks on Hawaiian Airlines and WestJet believed to be linked to the threat actors. Australian airline Qantas disclosed that it detected a cyberattack on Monday after threat actors gained access to a third-party platform containing customer data. While it is unclear if this group is behind the Qantas attack, BleepingComputer has learned the incident shares similarities with other recent attacks by the threat actors.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 02 Jul 2025 00:55:16 +0000


Cyber News related to Qantas discloses cyberattack amid Scattered Spider aviation breaches

Qantas says 5.7 million affected by breach, leaked info not enough to access frequent flyer accounts | The Record from Recorded Future News - In an updated advisory on Wednesday afternoon, the company said the data of 5.7 million people was exposed last week when hackers breached a Qantas contact center. Qantas Group CEO Vanessa Hudson said the company is in contact with Australia’s ...
4 weeks ago Therecord.media Scattered Spider
Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack - The group behind the high-profile MGM cyberattack in September has resurfaced in yet another sophisticated ransomware attack, in which the actor pivoted from a third-party service environment to the target organization's on-premise network in only an ...
1 year ago Darkreading.com Scattered Spider
Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack - The group behind the high-profile MGM cyberattack in September has resurfaced in yet another sophisticated ransomware attack, in which the actor pivoted from a third-party service environment to the target organization's on-premise network in only an ...
1 year ago Darkreading.com Scattered Spider
Scattered Spider is running a VMware ESXi hacking spree - This allows Scattered Spider to scan the network devices for IT documentation that would provide high-value targets, like the names of domain or VMware vSphere administrators, and security groups that can provide administrative permissions over the ...
1 week ago Bleepingcomputer.com Scattered Spider
Qantas is being extorted in recent data-theft cyberattack - The Qantas breach is part of attacks targeting the aviation sector by threat actors linked to Scattered Spider. These threat actors are skilled at social engineering attacks used to gain initial access to corporate networks, commonly by tricking help ...
1 month ago Bleepingcomputer.com Scattered Spider
Scattered Spider hackers shift focus to aviation, transportation firms - Scattered Spider, also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest, and Muddled Libra, is a classification of threat actors that are adept at using social engineering attacks, phishing, ...
1 month ago Bleepingcomputer.com Qilin Dragonforce Ransomhub Scattered Spider
Qantas confirms data breach impacts 5.7 million customers - Australian airline Qantas has confirmed that 5.7 million people have been impacted by a recent data breach, in which threat actors stole customers' data. While the company did not share any further details, BleepingComputer learned that the ...
4 weeks ago Bleepingcomputer.com Scattered Spider
Researchers Expose Scattered Spider's Tools, Techniques and Key Indicators - Scattered Spider, a sophisticated cyber threat group known for aggressive social engineering and targeted phishing, is broadening its scope, notably targeting aviation alongside enterprise environments. During a targeted investigation, Check Point ...
1 month ago Cybersecuritynews.com Scattered Spider
ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH - A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. These breaches have ...
1 week ago Bleepingcomputer.com Hunters Scattered Spider
Qantas discloses cyberattack amid Scattered Spider aviation breaches - Scattered Spider (also tracked as 0ktapus, UNC3944, Scatter Swine, Starfraud, and Muddled Libra) is a group of threat actors known for their conducting social engineering and identity-based attacks against organizations ...
1 month ago Bleepingcomputer.com Scattered Spider
Scattered Spider Employs Sophisticated Attacks to Steal Login Credentials & MFA Tokens - To counter this threat, Silent Push has developed Indicators of Future Attack (IOFA) feeds that track Scattered Spider infrastructure, including recently observed domains like “klv1.it.com” targeting Klaviyo and multiple others ...
3 months ago Cybersecuritynews.com Scattered Spider
As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs - Scattered Spider hackers have been tearing through the finance and insurance sectors, all while authorities are preparing legal actions to stop them. A game of cops and robbers is playing out between the FBI and Scattered Spider, the cybercrime ...
1 year ago Darkreading.com Scattered Spider
Hackers behind UK retail attacks now targeting US companies - Scattered Spider (also tracked as 0ktapus, UNC3944, Scatter Swine, Starfraud, and Muddled Libra) is a term used to describe a fluid collective of threat actors known for breaching many high-profile organizations worldwide in sophisticated ...
2 months ago Bleepingcomputer.com Scattered Spider Dragonforce
Scattered Spider Hackers Actively Attacking Aviation and Transportation Firms - Charles Carmakal, Chief Technology Officer at Mandiant Consulting-Google Cloud, confirmed that his company is “aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered ...
1 month ago Cybersecuritynews.com Scattered Spider
'Significant' amount of customer data accessed during cyberattack on Qantas airline | The Record from Recorded Future News - Sam Rubin, senior vice president of threat intelligence at Palo Alto Networks' Unit 42, told Recorded Future News that Scattered Spider recently migrated toward pure social engineering-based tactics, using their English-speaking skills to fool ...
1 month ago Therecord.media Scattered Spider Dragonforce
Scattered Spider Malware Targeting Klaviyo, HubSpot, and Pure Storage Services - Security teams should be particularly vigilant for suspicious authentication attempts, unknown devices connecting to corporate networks, and unusual account activity patterns that might indicate successful credential theft through Scattered ...
2 months ago Cybersecuritynews.com Scattered Spider
CISA and FBI Shared Tactics, Techniques, and Procedures of Scattered Spider Hacker Group - CISA analysts identified that Scattered Spider has recently expanded its arsenal to include DragonForce ransomware alongside traditional data exfiltration techniques, marking a significant escalation in the group’s threat profile. Scattered ...
1 week ago Cybersecuritynews.com Scattered Spider Dragonforce
Scattered Spider Attacking Finance & Insurance Industries - Hackers very frequently target the finance and insurance sectors due to the large volumes of sensitive data that they own. These areas manage huge quantities of valuable as well as critical financial information, personal identities, and intellectual ...
1 year ago Gbhackers.com Scattered Spider
Scattered Spider member pleads guilty to identity theft, wire fraud charges | The Record from Recorded Future News - Urban, who goes by the alias "Sosa," “Elijah,” and “King Bob” was "part of a group of loosely organized individuals who engage in account takeovers and [stole] cryptocurrency from online exchanges" from August 2022 through ...
4 months ago Therecord.media Scattered Spider
Scattered Spider is targeting victims' Snowflake data storage for quick exfiltration | The Record from Recorded Future News - The Scattered Spider cybercriminal group is targeting victims’ data storage tools after gaining initial access by impersonating contracted information technology (IT) help desks. In “many” incidents, Scattered Spider was seen searching for an ...
1 week ago Therecord.media Dragonforce Scattered Spider
Global Authorities Share IoCs and TTPs of Scattered Spider Behind Major ESXi Ransomware Attacks - The joint advisory, released by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Royal Canadian Mounted Police (RCMP), Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), ...
1 week ago Cybersecuritynews.com Scattered Spider Dragonforce
How to Keep Cyberattacks From Taking Off - COMMENTARY. Over the last three years, the global aviation industry has been left reeling by a post-pandemic sucker punch that hit the sector with over $185 billion in losses. Once a bastion of American prosperity, airlines were forced into survival ...
1 year ago Darkreading.com
Clorox says cyberattack caused $49 million in expenses - Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. Clorox is an American manufacturer of consumer and professional cleaning products with 8,700 employees ...
1 year ago Bleepingcomputer.com Scattered Spider
Scattered Spider Attacking Tech Companies Using Phishing Frameworks Like Evilginx and Social Engineering Methods - Fluent English-speaking callers, often working “evening shifts” that coincide with Western office hours, posed as CFOs or IT staff to persuade help-desk agents to reset multi-factor authentication (MFA) tokens, providing Evilginx with the final ...
1 month ago Cybersecuritynews.com Scattered Spider
Scattered Spider Upgraded Their Tactics to Abuse Legitimate Tools to Evade Detection and Maintain Persistence - Rapid7 analysts identified a novel persistence mechanism during recent incident investigations, revealing the group’s adoption of Teleport, an infrastructure access platform not previously associated with Scattered Spider operations. The ...
1 month ago Cybersecuritynews.com Scattered Spider

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)