MALWARE: 0Ktapus phishing campaign
0ktapus campaign has been underway since at least March 2022, aiming to steal Okta identity credentials and 2FA codes and use them to carry out subsequent supply chain attacks.
In Aug. 2022 SMS phishing messages baited Twilio's employees into clicking the embedded links by warning them that their passwords had expired or were scheduled to be changed.
Incidents Caused by this Malware
- August 4, 2022: Twilio Suffers Data Breach
Threat Actors Known to use this Malware
No threat actors identified