0ktapus phishing campaign: 130 victims like Cloudflare or MailChimp
Group-IB has discovered that the recently uncovered 0ktapus phishing campaign targeting Twilio and Cloudflare employees was part of the massive attack chain that resulted in 9.931.000 accounts from over 130 organizations being compromised. The campaign was codenamed 0ktapus by researchers at Group-IB because it posed as a popular identity and access management service. The vast majority of victims are located in the United States, and many of them use Okta's identity and access management services. Group-IB Threat Intelligence teamdiscovered and analyzed the attackers' phishing infrastructure, including phishing domains, the phishing kit, and the...