📣 Post by briankrebs

2024-11-21 ┃ edited

Feds Charge Five Men in 'Scattered Spider' Roundup
Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio.
Two of the accused I've written about extensively already. Today's story looks at how several of these guys were caught. For example:
"The phishing kits used for these campaigns featured a hidden Telegram instant message bot that forwarded any submitted credentials in real-time.
In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname 'Joeleoli.'"
krebsonsecurity.com/2024/11/fe…
#scatteredspider #fbi #simswap

briankrebs

https://infosec.exchange/@briankrebs/113522801198607335

https://krebsonsecurity.com/2024/11/feds-charge-five-men-in-scattered-spider-roundup/

https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/522/786/177/425/301/original/69ead3de00fc98c6.png

💬 Replies

2024-11-23 Elephant ┃ 1💬

@briankrebs Interesting read. "[M]ultiple security firms gained access to the server that was receiving data from that Telegram bot" - how does that happen? Does the FBI knock on several doors […]

2024-11-22 briankrebs ┃ 1🔗

LOL. Who knew LI would bring the comedy I needed today?

2024-11-22 SpaceLifeForm

@briankrebs
Okta and Twilio definitely have a track record.
