US, Australia, and Canadian agencies have updated their warning on the hacker group Scattered Spider, revealing new attack techniques and malware like DragonForce ransomware. The group employs sophisticated social engineering, credential theft, and targets critical systems across multiple industries. #ScatteredSpider #DragonForce #UNC3944 #MuddledLibra
Keypoints
- Scattered Spider, also known as UNC3944, is a financially motivated hacking group with evolving TTPs.
- The group uses social engineering, credential theft, and malware like DragonForce ransomware in attacks.
- Targets include help desk personnel, VMware ESXi servers, and cloud platforms such as Snowflake.
- Recent activity shows focus on stealing data, encrypting servers, and disabling backups to hinder recovery.
- Experts emphasize the importance of identity-centric security, layered verification, and Zero Trust models to defend against these threats.