Microsoft profiles new threat group with unusual but effective practices

by Dan Goodin, from Ars Technica
Microsoft has been tracking a threat group that stands out for its ability to cash in from data theft hacks that use broad social engineering attacks, painstaking research, and occasional physical threats.

Unlike many ransomware attack groups, Octo Tempest, as Microsoft has named the group, doesn't encrypt data after gaining illegal access to it. Instead, the threat actor threatens to share the data publicly unless the victim pays a hefty ransom. To defeat targets' defenses, the group resorts to a host of techniques, which, besides social engineering, include SIM swaps, SMS phishing, and live voice calls. Over time, the group has grown increasingly aggressive, at times resorting to threats of physical violence if a target doesn't comply with instructions to turn over credentials.

"In rare instances, Octo Tempest resorts to fear-mongering tactics, targeting specific individuals through phone calls and texts," Microsoft researchers wrote in a post on Wednesday. "These actors use personal information, such as home addresses and family names, along with physical threats to coerce victims into sharing credentials for corporate access."
