Phishy Business: Zendesk Users Targeted by Scattered Lapsus$ Hunters in New Attack Wave!
Scattered Lapsus$ Hunters may be targeting Zendesk users in a new phishing campaign, as ReliaQuest uncovers over 40 typosquatted domains. Domains like znedesk.com host phishing pages mimicking Zendesk sign-on portals. The campaign already claimed Discord as a victim, compromising its Zendesk-based support system and stealing user data. Stay vigilant, Zendesk fans!
Hot Take:
Looks like the Scattered Lapsus$ Hunters are back at it again, this time with a flair for drama worthy of a daytime soap opera. They’ve set their sights on Zendesk users with more phishing domains than a catfish convention, proving once again that creativity knows no bounds when it comes to cyber mischief. Whether it’s a genuine attack or just a copycat act, one thing’s for sure—cybersecurity folks have their work cut out for them! Now, if only they could channel this energy into something more productive, like knitting or bird watching.
Key Points:
- ReliaQuest finds over 40 typosquatted Zendesk domains and malicious helpdesk tickets.
- Phishing domains mimic Zendesk’s SSO portals to harvest user credentials.
- The campaign bears resemblance to past Scattered Lapsus$ Hunters’ antics targeting Salesforce.
- Discord possibly falls victim, with a breach via a third-party Zendesk provider.
- Organizations encouraged to adopt stringent security measures, like MFA and domain monitoring.