A threat actor named Zestix, also known as Sentap, exploits infected employee devices and weak security practices to access and sell corporate cloud credentials. This campaign highlights the importance of enforcing Multi-Factor Authentication and monitoring for compromised credentials in preventing data breaches.

#Zestix #Sentap #Infostealer #ShareFile #Nextcloud
Key points
- Zestix primarily uses Infostealer malware to harvest credentials from employee devices.
- The breaches were facilitated by organizations’ failure to implement Multi-Factor Authentication (MFA).
- Multiple critical organizations across sectors like utilities, defense, healthcare, and aviation were compromised.
- The campaign is part of a larger global issue involving cloud platform credential leaks.
- Hudson Rock’s intelligence platform helps detect and prevent credential misuse before exploitation.