Daily News for Every Age

Twilio hackers breaks into over 130 organisations in a massive phishing attack

Advertisement

In the same phishing campaign, hackers responsible for recent cyberattacks compromised over 130 organisations.

The hackers stole 9,931 login credentials using a phishing kit codenamed ‘0ktapus,’ which they then used to gain access to corporate networks and systems via VPNs and other remote access devices.

Advertisement

These attacks were extremely successful, resulting in a slew of data breaches at Twilio, MailChimp, Cloudflare, and Klaviyo.

Advertisement

According to Group-IB, threat actors stole user credentials from 136 companies, with the majority of the compromised organisations based in the United States.

Analysts used the “hidden” information in the phishing kit to track down the admin account of the Telegram channel used for account data exfiltration.

Group-IB claims to have more information about the threat actor’s alleged identity.

Follow us on