Hackers behind UK retail attacks now targeting US companies

Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. "The US retail sector is currently being targeted in ransomware and extortion operations that we suspect are linked to UNC3944, also known as Scattered Spider," John Hultquist, Chief Analyst at Google Threat Intelligence Group, told BleepingComputer. "The actor, which has reportedly targeted retail in the UK following a long hiatus, has a history of focusing their efforts on a single sector at a time, and we anticipate they will continue to target the sector in the near term. US retailers should take note." As first reported by BleepingComputer, British retail giant Marks & Spencer (M&S) was first breached in a ransomware attack where threat actors encrypted virtual machines on VMware ESXi hosts with a DragonForce encryptor. This attack was attributed to Octo Tempest, Microsoft's name for Scattered Spider. Co-op also ... Read full article.