Feds Charge Five Men in 'Scattered Spider' Roundup

briankrebs@infosec.exchange

Feds Charge Five Men in 'Scattered Spider' Roundup

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass, MailChimp, Okta, T-Mobile and Twilio.

Two of the accused I've written about extensively already. Today's story looks at how several of these guys were caught. For example:

"The phishing kits used for these campaigns featured a hidden Telegram instant message bot that forwarded any submitted credentials in real-time.

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname "Joeleoli."

https://krebsonsecurity.com/2024/11/feds-charge-five-men-in-scattered-spider-roundup/

#scatteredspider #fbi #simswap

https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/522/786/177/425/301/original/69ead3de00fc98c6.png

spacelifeform@infosec.exchange

@briankrebs

Okta and Twilio definitely have a track record.