Microsoft is taking an extreme approach to a new ransomware group.
Ransomware attacks are always bad news, whether they come from a group of experienced or new hackers. The ransomware group covered by Microsoft shows that the fact that they are only now emerging does not mean that they are not as dangerous as those that have carried out plenty of cyberattacks in the past.
While other threat actors have the patience to wait for the demanded ransom, this hacker group does the exact opposite. Instead of waiting for the victims to keep their end of the bargain, Octo Tempest tries to speed up the exchange with threats.
You may also find that they are not good at friendly negotiations, if there is such a thing during ransomware attacks. Instead of holding the data hostage through encryption, Octo Tempest simply threatens to make it public if the demanded ransom is not paid.
Like other threat actors, they also compromise the security of their victims through common methods such as social engineering, SMS phishing, SIM swapping, etc. SIM swapping could result in the accounts of a wealthy owner being taken over.
After logging in, Octo Tempest steals the cryptocurrency stored there. Otherwise, the hackers sell unauthorized access through swaps because they belong to mobile processing services operated by other companies.
Microsoft states that “on rare occasions, Octo Tempest uses scare tactics by targeting specific people through phone calls and text communication.” To blackmail them, they used the victim’s personal information such as home address, last name, and more.
As seen on Ars Technica, the group of hackers demanded that the victim provide their login credentials or the hackers would have them fired. They also added a 10-minute ultimatum to make it seem more threatening. When that didn’t work, the attackers resorted to other threats.
In addition to counting down the minutes, the hackers announced that they would attack the victim’s house. At various moments they threatened to break down the door, send a killer to the victim’s house or shoot his wife.
“In recent campaigns, we have seen Octo Tempest use a range of TTPs to navigate complex hybrid environments, extract sensitive data and encrypt data,” said the software giant. These include SMS phishing, SIM swapping and advanced social engineering techniques.
Targets and Tactics
The hacker group targets multiple industries including natural resources, gaming, hospitality, consumer products, retail, managed service providers, manufacturing, legal, technology and financial services.
In 2022, Octo Tempest focused exclusively on mobile operators and business process outsourcing organizations. This was achieved through social engineering, SIM swaps and data access. They would then commit cryptocurrency fraud and sell access.
In 2022-2023, attacks on telecommunications, technology and email service providers began. Today, the hackers perform mass password resets and data extraction for more ambitious purposes, such as large-scale account takeovers or data leaks on large data leak forums.