A threat actor known as Muddled Libra is targeting the business process outsourcing (BPO) industry with persistent attacks that leverage advanced social engineering ploys to gain initial access.
“The attack style defining Muddled Libra appeared on the cybersecurity radar in late 2022 with the release of the 0ktapus phishing kit, which offered a prebuilt hosting framework and bundled templates,” Palo Alto Networks Unit 42 said in a technical report.
Libra is the constellation-themed designation the cybersecurity company gives to cybercrime groups. The “muddled” moniker for the threat actor stems from the prevailing ambiguity with regard to the use of the 0ktapus framework.
0ktapus, also known as Scatter Swine, refers to an intrusion set that first came to light in August 2022 in connection with smishing attacks against over 100 organizations, including Twilio and Cloudflare.