0Ktapus phishing campaign


0ktapus campaign has been underway since at least March 2022, aiming to steal Okta identity credentials and 2FA codes and use them to carry out subsequent supply chain attacks.

In Aug. 2022 SMS phishing messages baited Twilio's employees into clicking the embedded links by warning them that their passwords had expired or were scheduled to be changed.

Incidents Caused by this Malware

Threat Actors Known to use this Malware

No threat actors identified