
Federal agencies, including the FBI and CISA, issue alerts on the shifting strategies of the cybercriminal group known as Scattered Spider

Global authorities are hunting down the suspected criminal organization after the apprehension of four individuals implicated in a string of assaults against British retail establishments.


Scattered Spider Cybercrime Collective Unleashes Global Cyberattacks

The Scattered Spider cybercrime collective is currently wreaking havoc across the globe, employing sophisticated social engineering and intrusion tactics to target various industries.

Recent victims of these attacks include high-profile companies in the retail, insurance, and aviation sectors. In the UK, Marks & Spencer, Co-op Group, and Harrods have been affected, while in North America, retailers, insurance firms, and aviation organizations have been targeted.

High-profile US companies such as MGM Resorts and Caesars Entertainment have also suffered significant losses due to Scattered Spider's activities. These companies were hit by BlackCat/ALPHV ransomware attacks, which were initiated through IT impersonation and credential resets, causing major outages and over $100 million in losses.

Scattered Spider's tactics include phishing, "push bombing" (flooding targets with MFA push alerts), SIM-swapping, and impersonation of IT staff to trick help-desk workers into handing over credentials or bypassing multifactor authentication. They also deploy ransomware variants, most notably the DragonForce ransomware.

There are concerns about coordinated campaigns, as emerging evidence suggests possible collaboration or overlap between Scattered Spider and the ShinyHunters group. Both groups target similar sectors with synchronized timing and campaigns, raising concerns about coordinated attacks on Salesforce and other platforms.

Microsoft researchers have reported that Scattered Spider has been using adversary-in-the-middle tactics and abusing text-messaging services. The FBI and CISA have also released an updated advisory about the cybercrime collective.

In response to these attacks, companies must prioritize robust employee training, strong multifactor authentication implementations, and incident response preparedness. This underscores the critical need for vigilance in the face of the evolving threat landscape posed by Scattered Spider.
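For the incident-response side, the push bombing described above can be detected from MFA logs. The following is an added example, not code from the advisory or any vendor: the log format, user names, 10-minute window and threshold of 5 are all assumptions to tune against a real MFA provider's logs.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (hypothetical format, not a real product's log schema):
# ISO timestamp, user, outcome of one MFA push prompt.
SAMPLE_EVENTS = """\
2025-01-10T02:14:05 alice denied
2025-01-10T02:14:40 alice timeout
2025-01-10T02:15:10 alice denied
2025-01-10T02:15:55 alice timeout
2025-01-10T02:16:30 alice denied
2025-01-10T02:17:02 alice approved
2025-01-10T09:00:12 bob approved
2025-01-10T09:30:00 carol denied
2025-01-10T13:05:00 carol approved
"""

def parse_events(text):
    """Yield (timestamp, user, outcome) tuples from whitespace-separated lines."""
    for line in text.splitlines():
        if line.strip():
            ts, user, outcome = line.split()
            yield datetime.fromisoformat(ts), user, outcome

def detect_push_bombing(events, window=timedelta(minutes=10), threshold=5):
    """Flag users with >= threshold unapproved prompts inside the window, and
    separately flag an approval that arrives while such a burst is still live."""
    recent = defaultdict(deque)   # user -> timestamps of denied/timed-out prompts
    flagged = set()               # users already alerted for the current burst
    alerts = []
    for ts, user, outcome in sorted(events):
        q = recent[user]
        while q and ts - q[0] > window:   # drop prompts older than the window
            q.popleft()
        if not q:
            flagged.discard(user)         # burst has fully aged out
        if outcome in ("denied", "timeout"):
            q.append(ts)
            if len(q) >= threshold and user not in flagged:
                flagged.add(user)
                alerts.append((user, ts, "push_burst", len(q)))
        elif outcome == "approved":
            if len(q) >= threshold:       # likely fatigue approval: escalate
                alerts.append((user, ts, "approved_after_burst", len(q)))
            q.clear()
            flagged.discard(user)
    return alerts

if __name__ == "__main__":
    for alert in detect_push_bombing(parse_events(SAMPLE_EVENTS)):
        print(alert)
```

An `approved_after_burst` alert is the one to treat as a probable account takeover, since it means a prompt was accepted right after a run of rejected or ignored ones.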

| Aspect | Details |
|---|---|
| Latest intrusion techniques | Phishing, push bombing MFA, SIM swapping, IT impersonation, ransomware (DragonForce, BlackCat) |
| Recent affected companies/sectors | UK Retailers (Marks & Spencer, Co-op, Harrods); US retailers, insurers, aviation firms; MGM Resorts, Caesars Entertainment (US) |
| Additional notes | Possible collaboration with ShinyHunters; highly adaptive and decentralized operations; targeting 15+ industries globally |

As the Scattered Spider cybercrime collective continues to evolve and adapt, it is crucial for organizations to remain vigilant and prepared to respond to these sophisticated attacks.
