UNC6783 Hackers Use Fake Okta Pages in Corporate Breach Campaign

UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensitive data.

Cybersecurity experts at Google Threat Intelligence Group (GTIG) have issued a warning about a new group of hackers, known as UNC6783, who are trying to steal data from large companies for data theft extortion. Austin Larsen, a lead analyst at GTIG, reports that this group might be linked to an individual using the name Raccoon.

The hackers have so far targeted dozens of high-value organisations across various industries by compromising the security of Business Process Outsourcers (BPOs). These are third-party service providers responsible for handling tasks such as customer service and technical support for larger corporations. By targeting these partner firms, hackers can gain access to the main systems of the companies they really want to target for data theft.

How the hackers trick the staff

According ...