Ransomware Group

Scattered Spider

Also known as: 0ktapus, UNC3944, Starfraud, Octo Tempest

Status: active • First seen 2022-05150+ known victims

Scattered Spider consists of young hackers who are experts at tricking people over the phone. They call IT help desks pretending to be employees and trick them into resetting passwords.

Overview

Scattered Spider is a financially motivated threat group known for sophisticated social engineering attacks. The group gained notoriety for attacks on MGM Resorts and Caesars Entertainment.

Target Industries

Telecom, Technology, Entertainment, Hospitality

How They Attack

  • Social engineering
  • SIM swapping
  • Help desk vishing
  • Cloud targeting
  • MFA bypass

Notable Victims

MGM Resorts (2023), Caesars Entertainment (2023), Okta customers (2022)

Is your business exposed?

How to Protect Against Scattered Spider

  1. 1.

    Implement voice verification for help desk requests

  2. 2.

    Use phishing-resistant MFA (FIDO2)

  3. 3.

    Train staff on social engineering awareness

MITRE ATT&CK Techniques

T1566.004, T1078, T1199, T1556

Related Groups

Blackcat

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices