Google Warns: UNC6040 Gang Targets Companies with Voice Phishing, Deadline Looms
Google has warned of a sophisticated criminal group, UNC6040, targeting companies with voice phishing calls. The gang aims to infiltrate Salesforce environments and steal data for extortion, threatening lawsuits if victims don't comply.
The group, observed by Google's Threat Intelligence Group, has set a deadline of Friday, October 10, for starting negotiations. They've published a leak site on the dark web, extorting 39 prominent companies, including Adidas, Disney, and FedEx. The site lists stolen data and sets an ultimatum.
Google reports that the gang operates under the leadership of ShinyHunters, with the leak site mentioning 'Scattered Laspsu$ Hunters', hinting at the involvement of Scattered Spider and Lapsus$ cyber gangs. Mandiant, a cybersecurity firm, has published advice to help companies defend against these attacks, such as verifying caller identities and using multiple secure verification factors.
Companies targeted by UNC6040 have until Friday, October 10, to initiate negotiations. Failure to do so may result in the publication of stolen data and potential lawsuits. Google and Mandiant urge businesses to enhance their security measures to protect against such attacks.
