Spiders Spin a New Web: Scattered Spider Targets US Banks in Cybercrime Comeback
Scattered Spider hasn’t spun its last web. Despite claiming retirement, the cybercriminal group has merely shifted its focus to the financial sector, recently infiltrating a US bank. Their methods remain as crafty as ever, using social engineering and technical prowess to snoop and extract sensitive information. Spiders never change their stripes!
Hot Take:
It’s like the cybercriminal version of “retiring from crime” only to become a “consultant” for more crime. Scattered Spider’s idea of retirement seems to involve a lot of work in the financial sector, proving once again that in the world of cybercrime, there are no real breaks, just new targets. Who needs a beach when you have a bank vault?
Key Points:
- Scattered Spider claimed retirement but shifted focus to the financial sector.
- The group recently targeted and breached a US bank’s network.
- They used social engineering and exploited Microsoft Entra ID for initial access.
- They compromised VMware ESXi and aimed to exfiltrate data from platforms like Snowflake and AWS.
- Despite claims of quitting, their tactics, techniques, and procedures (TTPs) persist.
Already a member? Log in here