216.73.216.86

Scattered Spider: Still Hunting for Victims in 2025

· Published 09/04/2025 07:51 · Modified 09/04/2025 08:31

Export JSON

Essential information

Published
09/04/2025 07:51
Modified
09/04/2025 08:31
Tags
2025-04-09 domain impersonation hubspot klaviyo phishing social engineering spectre rat
Related entities
57 observables, 1 intrusion sets (apt), 15 techniques (mitre), 1 malware, 7 others

Description

Scattered Spider, a notorious hacking collective, continues to actively target victims in 2025. The group has expanded its focus to include services like , , and Pure Storage, while targeting high-profile brands such as Audemars Piguet, Chick-fil-A, and Twitter/X. Silent Push researchers have identified five unique kits used by Scattered Spider since 2023, with some undergoing updates. A new version of has been discovered, along with the acquisition of a domain previously owned by Twitter/X. Despite arrests of several members in 2024, Scattered Spider has adapted its tactics, including the use of dynamic DNS providers and updated kits. The group continues to employ sophisticated attacks to obtain credentials and multi-factor authentication tokens.

External references