HomeNewsMuddled Libra poses great risk for BPO and Telecommunications industry: Palo Alto...

Muddled Libra poses great risk for BPO and Telecommunications industry: Palo Alto Networks Unit 42 Research

Unit 42, the threat intelligence and incident response team of global cybersecurity leader Palo Alto Networks, has released a blog with findings from its investigation into Muddled Libra – a high-risk threat group targeting BPO, software automation, and telecom companies. Across incidents investigated from mid-2022 to early-2023, the group sought and stole information on downstream client environments and used the same to pivot into those environments. It also demonstrated a strong understanding of its victims’ high-value clients and information most useful for follow-on attacks.

The attack style defining Muddled Libra was spotted in late-2022 with the release of the 0ktapus phishing kit. Through realistic fake authentication portals and targeted smishing, attackers quickly gathered credentials and multi-factor authentication (MFA) codes.

All threat actors that use 0ktapus are not Muddled Libra. Unit 42 has classified Muddled Libra with the following characteristics:

  • Using the 0ktapus phishing kit
  • Persistent targeting of the BPO industry
  • Long-term persistence
  • Nondestructive presence
  • Data theft
  • Use of compromised infrastructure in downstream attacks

“The BPO industry is one of the top employers in India, and securing them is paramount,” said Anil Valluri, MD & Regional VP for India & SAARC, Palo Alto Networks. “Muddled Libra demonstrates an unusually high degree of comfort engaging both the help desk and other employees by sending lure messages directly to their cellphones. These messages ask employees to update account information or re-authenticate a corporate application. Given the reliance on social engineering via phone and SMS, it is imperative to train employees to identify and flag such suspicious activities.”

Muddled Libra uses evasion tactics like disabling antivirus and host-based firewalls, deleting firewall profiles, creating defender exclusions, and deactivating or uninstalling EDR and other monitoring products. When unable to easily bypass robust multi factor authentication (MFA), Muddled Libra swiftly moved to other targets. Cybersecurity practitioners must consider how best to implement security alerting and account lockout on repeated MFA failures.

ELE Times Report
ELE Times Reporthttps://www.eletimes.ai/
ELE Times provides extensive global coverage of Electronics, Technology and the Market. In addition to providing in-depth articles, ELE Times attracts the industry’s largest, qualified and highly engaged audiences, who appreciate our timely, relevant content and popular formats. ELE Times helps you build experience, drive traffic, communicate your contributions to the right audience, generate leads and market your products favourably.

Related News

Must Read

Infineon Receives Additional Prestigious Award for Outstanding Investor Relations Work

DIRK (German Investor Relations Association) awards Infineon first...

STMicroelectronics Unveils World’s First ST54M Secure Mobile Chip With Post-Quantum Cryptography

Advance single-die solution with PQC (post-quantum cryptography) hardware...

Portronics launches VlogMate Neo: Mini Type-C Wireless Microphone with AI Feature

Featuring AI-powered noise reduction, real-time audio transmission, compact lightweight...

Nuvoton Unveils New Cortex-M23 Microcontroller SOC, NSC128L42, for High-Precision Measurement Applications

Nuvoton Technology Corporation announces the launch of the NSC128L42,...

New Battery Breakthrough Leads to ‘Big Leaps’ in Electronic Performance

A breakthrough could lead to huge breakthroughs in battery...

India is Engineering a Domestic Tech and Clean-Energy Supply Chain

The global tech supply chain is undergoing a massive...

DigiKey Releases Season Two of Sustainable Futures Video Series

New episodes highlight how the latest electronics are enabling...

Arrow Electronics and STMicroelectronics to Accelerate Industrial AMR Development

Arrow Electronics and STMicroelectronics (ST) unveil a new industrial...