A cybercrime group attempted to extort Kraken after recruiting at least two internal support employees to improperly access limited client support data from approximately 2,000 accounts. The threat actors threatened to release videos of internal systems showing client data.
Initial Access
Insider Recruitment
confirmed
A cybercrime group successfully recruited at least two Kraken support employees, gaining initial access to internal systems through their legitimate credentials.
Defender cut points
Implement robust insider threat detection programsConduct regular employee background checks and continuous vettingProvide comprehensive security awareness training on social engineering and bribery risks
