TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Infosecurity Magazine

Google Warns of New Threat Group Targeting BPOs and Helpdesks

2026-04-09

ATT&CK techniques detected

3 predictions
T1566.002 Spearphishing Link
95%
“by stealing clipboard contents, which then allows the attackers to enroll their own devices for persistent access. ” alternatively, the gtig team has also observed unc6783 using fake security software updates to trick users into downloading remote access malware. it sometimes use…”
T1566.002 Spearphishing Link
74%
“google warns of new threat group targeting bpos and helpdesks a new threat group is targeting business process outsourcers ( bpos ) and large enterprises for extortion using live chat channels, google has warned. google threat intelligence group ( gtig ) principal threat analyst,…”
T1556.006 Multi-Factor Authentication
70%
“on this specific campaign - proactively block any unauthorized domains with the [. ] zendesk - support [. ] com pattern - monitor for unauthorized binary execution, especially installers or " updates " downloaded during support sessions - regularly audit newly enrolled mfa device…”

Summary

Google’s threat intel team warns UNC6783, a new extortion group possibly linked to the “Raccoon” persona, is targeting BPOs and enterprises