- Spotted Spider no longer targets retailers, says Google
- “Multiple” intrusions have been identified in the United States
- Insurance companies now seem to be in the reticle
The famous scattered cybercrime gang of Spider moves away from the attack on high-end retailers and has started to target insurance organizations in the United States, experts said.
Google Threat Intelligence Group (GTIG) cybersecurity researchers claim to have seen multiple attacks and are now urging organizations to seek potential threats.
“Google Threat Intelligence Group is now aware of several intrusions in the United States which carry all the characteristics of the activity of scattered spiders. We are now seeing incidents in the insurance sector,” said GTIG chief analyst John Hultquist, in a shared email with Techradar Pro.
Dragonforce
Sporseed Spider is a cybercriminal organization “in vaguely knitting” operating within a greater hacking community known as “com”, known for having targeted an industry at the time.
It recently targeted high-end retailers, mainly in the United Kingdom, notably Harrods, M&S and the cooperative, and has also been committed with American companies, opting for social engineering, the exchange of Simbois and ransomware.
“Given the history of this actor to focus on one sector, the insurance sector should be on high alert, in particular for social engineering regimes, which target their assistance offices and call centers,” said Hultquist.
Although Google has not discussed who are the victims, The register According to two companies based in the United States, recently said that they had suffered from a cyber attack: ERIE Insurance and Philadelphia Insurance Company. Neither confirmed that the incidents were the work of Spander Spider, but the news aligned well.
The publication also indicates that crooks generally start their attacks with false assistance calls, after which they encourage victims to grant access to their devices, which is later used to deploy the DragonForce ransomware enclosure.
There are several ways to defend yourself against ransomware attacks, but the best is to make employees aware of phishing and social engineering, because most attacks abuse people rather than systems.
Via The register
