Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: Okta Breach Exposes Customer Data as Quasar RAT Targets Windows
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

Okta Breach Exposes Customer Data as Quasar RAT Targets Windows

Highlights

  • Identity services giant, Okta, recently announced a security breach in its support case management system. The unidentified culprits used stolen credentials, gaining access to files uploaded by Okta customers during recent support interactions. Importantly, the company’s production service remained untouched, and the Auth0/CIC case management system stood clear from the breach’s ramifications. The customers affected […]
Bilgesu Erdem
Last updated: 23 October, 2023 - 3:30 pm 3:30 pm
Bilgesu Erdem 2 years ago
Share
SHARE

Identity services giant, Okta, recently announced a security breach in its support case management system. The unidentified culprits used stolen credentials, gaining access to files uploaded by Okta customers during recent support interactions. Importantly, the company’s production service remained untouched, and the Auth0/CIC case management system stood clear from the breach’s ramifications. The customers affected have been alerted.

Worryingly, the breached customer support system was equipped to handle HTTP Archive (HAR) files, used to imitate end user or administrator errors. These HAR files can house sensitive data like cookies and session tokens, which, when misused, can allow hackers to impersonate legitimate users. As a countermeasure, Okta collaborated with affected customers to revoke any compromised session tokens.

Despite the alert, the magnitude of the intrusion remains shrouded in mystery. Still, as of March 2023, Okta boasts a clientele of over 17,000, overseeing approximately 50 billion users. Two of these clients, BeyondTrust and Cloudflare, acknowledged their recent targeting within this breach.

Cloudflare elaborated that a malevolent actor hijacked a session token from a support ticket initiated by one of their employees. By October 18, this token gave them unauthorized access to Cloudflare’s systems. The assailant went as far as compromising two separate Cloudflare employee accounts within Okta’s environment. However, Cloudflare ensured no client data or systems fell victim.

In contrast, BeyondTrust perceived the breach by October 2, 2023. Indications suggest that the cyber attackers had access to the support systems for nearly two weeks, at least until October 18. When BeyondTrust’s Okta administrator uploaded a HAR file on October 2, suspicious activities surrounding a session cookie surfaced in less than half an hour. Nevertheless, BeyondTrust detected and countered the threat in real-time, sparing its infrastructure and clientele any negative implications.

Okta’s stature in the cyber realm hasn’t made it immune to security oversights. Their single sign-on services, widely utilized by global corporations, has inevitably painted a target on their back, with several hacking attempts over recent years.

Quasar RAT’s Stealthy Operations

Uptycs researchers unveiled a stealthy data extraction method employed by the open-source remote access trojan, Quasar RAT. This malware capitalizes on DLL side-loading, manipulating the trust Windows places in certain files. Renowned as CinaRAT or Yggdrasil, this remote administration tool amasses data including system information, active applications, keystrokes, and even screen captures.

DLL side-loading dupes a system by inserting a falsified DLL file that mimics the one a benign executable seeks. Quasar RAT’s attack mechanism starts with an ISO image, housing a legitimate binary, a concealed malicious code, and a misnamed MsCtfMonitor.dll. This sequence culminates in launching the final Quasar RAT payload.

Regrettably, the identity of the culprits and their infiltration methods remain unclear. The common assumption tilts towards phishing emails as the initial access vector, urging users to be vigilant against suspicious emails and attachments.

It’s undeniable that cyberattacks are growing in sophistication, targeting key players in the online realm. Okta’s intrusion demonstrates the multi-faceted threats even established corporations face. Meanwhile, Quasar RAT’s sneaky maneuvers signify the increasing ingenuity of malware techniques. In this digital age, the call for stringent cybersecurity measures is louder than ever.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

CIOs Tackle Quantum Threat in Encryption Race

FTC Seeks New Tools to Combat Deepfake Pornography

Cyberattacks Exploit Major Software Vulnerabilities, Affecting Global Infrastructure

North Korea Builds Cyber Network Resembling a Mafia Operation

Cybercriminals Invest Illicit Profits in Surprising Ventures

Share This Article
Facebook Twitter Copy Link Print
By Bilgesu Erdem
Bilgesu graduated from Ankara University, Faculty of Communication, Department of Radio, Television and Cinema. After working as a reporter for various television channels and a newspaper, Bilgesu is currently working as a content editor at Newslinker. She loves technology and animals.
Previous Article Reliance on the verge of acquiring Disney’s Indian operations
Next Article Alan Wake 2 Challenges PC Gamers with Mesh Shader Requirements
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Wordle Solution Revealed as Puzzle Enthusiasts Strive for Victory
Gaming
Sony Faces Challenges in Expanding Live Service Game Lineup
Gaming
Mercedes Uses ABB’s PixelPaint for Precision Car Designs
Robotics
MIT Engineers Develop Elderly Assist Robot to Enhance Mobility
Robotics
AMD Set to Unveil Radeon RX 9060 XT at Computex 2025
Computing
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?