'Several dozen' orgs targeted by a new extortion crew : Possible link to Mr. Raccoon's claimed Adobe break-in

'Several dozen' high-value corporations hit by new extortion crew in helpdesk #phishing spree
www.theregister.com/2026/04/09/s...

Google Threat Intelligence Group tracks the financially motivated group as #UNC6783.
#CyberSecurity #InfoSec #CyberCrime #ThreatIntelligence

UNC6783 Hackers Use Fake Okta Pages in Corporate Breach Campaign UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems.

#UNC6783 extortionist hackers impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensitive data, #Google warns.

Read: hackread.com/unc6783-hack...

#CyberSecurity #CyberCrime #Okta #Extortion #Scam

Google: New UNC6783 hackers steal corporate Zendesk support tickets A threat actor tracked as UNC6783 is compromising business process outsourcing (BPO) providers to gain access to high-value companies across multiple sectors.

New #UNC6783 hackers steal corporate #Zendesk support tickets

www.bleepingcomputer.com/news/security/google-new...

#cybersecurity #Raccoon

UNC6783 Turns BPO Providers into Cyberattack Gateways UNC6783 is targeting business process outsourcing (BPO) companies as a pathway to infiltrate major organizations, using phishing, social engineering, live-chat impersonation, and fake updates to steal sensitive data and deploy remote access malware. Google’s analysis and Mandiant recommendations emphasize measures such as FIDO2 hardware keys, live-chat monitoring, blocking Zendesk-like domains, and...

UNC6783 targets BPO providers to breach major organizations via phishing, social engineering, live-chat impersonation, and fake updates. Google and Mandiant recommend FIDO2 keys, chat monitoring, and MFA audits. #UNC6783 #BPOAttacks #US

Google Warns of New Campaign Targeting BPOs to Steal Corporate Data A financially motivated actor tracked as UNC6783 is targeting business process outsourcing firms and support staff to steal sensitive corporate data and extort high-value companies. GTIG links UNC6783 to a "Raccoon" persona that allegedly stole Adobe data from a BPO, and the actor lures staff with live chats to spoofed Okta...

UNC6783 targets BPOs and support staff using live chat phishing, clipboard-stealing kits to bypass MFA, RATs disguised as security updates, and Proton Mail extortion. #UNC6783 #DataTheft #BPOIndustry

Awakari App

Google Warns of New Campaign Targeting BPOs to Steal Corporate Data Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BP...

#Cybercrime #Adobe #data #theft #Mr #Racoon #Racoon #UNC6783

Origin | Interest | Match

Google: New UNC6783 hackers steal corporate Zendesk support tickets UNC6783 is compromising business process outsourcing (BPO) providers to access and exfiltrate sensitive data from high-value companies across multiple sectors and then extorting victims for payment. Their tactics include social engineering, phishing to spoof Okta logins on Zendesk-patterned domains, clipboard-stealing phishing kits to bypass MFA, delivery of remote access trojans via fake security updates, and extortion contacts via ProtonMail. #UNC6783 #Raccoon #Okta #Zendesk #Adobe

UNC6783 hackers exploit BPO providers to steal and extort sensitive corporate data using Okta login spoofing on Zendesk-like domains, clipboard phishing, and remote access Trojans via fake security updates. #UNC6783 #BPOAttacks #Okta