Subj : After hitting top retail
To   : All
From : Mike Powell
Date : Tue Jun 17 2025 03:54 pm

After hitting top retail stores, experts warn this infamous criminal gang is
now going after US insurance giants

Date:
Tue, 17 Jun 2025 14:28:00 +0000

Description:
Google is warning Scattered Spider is shifting attention to US-based
insurance firms.

FULL STORY

The notorious Scattered Spider cybercrime gang is apparently stepping away
from attacking high-end retailers and has begun targeting insurance
organizations in the US, experts have claimed.

Google Threat Intelligence Group (GTIG) cybersecurity researchers claim to
have seen multiple attacks, and are now urging organizations to be on the
lookout for potential threats.

"Google Threat Intelligence Group is now aware of multiple intrusions in the
US which bear all the hallmarks of Scattered Spider activity. We are now
seeing incidents in the insurance industry," chief GTIG analyst John
Hultquist said in an email shared with TechRadar Pro .

DragonForce

Scattered Spider is a loosely knit cybercriminal organization operating
within a larger hacking community known as the Com, known for targeting one
industry at the time.

It recently targeted high-end retailers, mostly in the UK, including Harrods,
M&S and the Co-op , and has also engaged with US companies, going for social
engineering, SIM-swapping, and ransomware .

"Given this actor's history of focusing on a sector at a time, the insurance
industry should be on high alert, especially for social engineering schemes,
which target their help desks and call centers," Hultquist stressed.

Although Google did not discuss who the victims are, The Register says two
US-based companies recently reported suffering a cyberattack: Erie Insurance,
and Philadelphia Insurance Company. Neither confirmed the incidents were the
work of Scattered Spider, but the news aligned suspiciously well.

The publication also says the crooks usually start their attacks with fake
helpdesk calls, after which they trick the victims into granting access to
their devices, which is later used to deploy the DragonForce ransomware
encryptor.

There are multiple ways to defend against ransomware attacks, but the best
one is to raise employee awareness about phishing and social engineering,
since most attacks abuse people, rather than systems.

Via The Register

======================================================================
Link to news story:
https://www.techradar.com/pro/security/after-hitting-major-shops-experts-warn-
this-criminal-gang-is-now-going-after-us-insurance-giants

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

You are viewing proxied material from vert.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.