Security News > 2022 > August > Hackers Behind Twilio Breach Also Targeted Cloudflare Employees

Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated phishing attack against Twilio.

The attack, which transpired around the same time Twilio was targeted, came from four phone numbers associated with T-Mobile-issued SIM cards amd was ultimately unsuccessful.

The text messages pointed to a seemingly legitimate domain containing the keywords "Cloudflare" and "Okta" in an attempt to deceive the employees into handing over their credentials.

Cloudflare said three of its employees fell for the phishing scheme, but noted that it was able to prevent its internal systems from being breached through the use of FIDO2-compliant physical security keys required to access its applications.

Besides working with DigitalOcean to shut down the attacker's server, the company also said it reset the credentials of the impacted employees and that it's tightening up its access implementation to prevent any logins from unknown VPNs, residential proxies, and infrastructure providers.

The development comes days after Twilio said unknown hackers succeeded in phishing the credentials of an undisclosed number of employees and gained unauthorized access to the company's internal systems, using it to get hold of customer accounts.

News URL

https://thehackernews.com/2022/08/hackers-behind-twilio-breach-also_10.html