Octo Tempest, aka 0ktapus, Has Become 'One of the Most Dangerous Financial' Hacker Groups
Octo Tempest, a financially motivated hacking group, has been labeled one of the most dangerous financial criminal groups by Microsoft. The group recently became an English-speaking affiliate of the Russian-speaking ransomware group BlackCat, which is unusual because Eastern European groups typically do not work with native English-speaking criminals. Octo Tempest is known for well-organized and prolific attacks that target various industries for extortion. For initial access, the group relies on social engineering, including impersonating victims to trick support and help desk personnel. Its methods for gaining access include installing monitoring utilities, using fake login portals, purchasing credentials, and SIM swaps. Octo Tempest also uses fear-mongering tactics and physical threats to coerce victims. Once inside a targeted environment, the group performs data enumeration and gathers information to aid further phases of the attack. Its goal is financial gain, which it pursues through techniques like data exfiltration, cryptocurrency theft, and ransomware deployment.