The cybercrime collective Scattered LAPSUS$ Hunters (SLH) is reportedly recruiting women to conduct voice phishing attacks, offering financial incentives and pre-written scripts for social engineering campaigns targeting IT help desks, according to a recent report by The Hacker News.SLH, a high-profile supergroup comprising LAPSUS$, Scattered Spider, and ShinyHunters, is known for advanced social engineering tactics. These include MFA prompt bombing and SIM swapping to bypass security measures. The group specifically targets IT help desks and call centers, impersonating employees to gain password resets or install remote monitoring tools. Once initial access is achieved, they move laterally within virtualized environments, escalate privileges, and exfiltrate sensitive data, sometimes leading to ransomware deployment. They also leverage legitimate services and residential proxy networks, along with tunneling tools and file-sharing services, to evade detection. Palo Alto Networks Unit 42, tracking Scattered Spider as Muddled Libra, notes their proficiency in exploiting human psychology and impersonating employees for identity compromise.The recruitment of women for vishing attacks represents a calculated evolution in SLH's tactics, aiming to increase success rates by potentially bypassing traditional attacker profiles. Organizations are advised to enhance security by training IT help desk personnel to identify suspicious scripts and impersonations, enforce strict identity verification, strengthen MFA policies away from SMS-based authentication, and audit logs for suspicious activity following help desk interactions to mitigate these evolving threats.Source: The Hacker News
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




