Close Menu

    Subscribe to Updates

    Get the latest tech news from Tallwire.

      What's Hot

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

      July 16, 2026

      Record Industry Pushes for AI Labels on Streaming Music

      July 15, 2026
      Facebook X (Twitter) Instagram
      • Tech
      • AI
      • Get In Touch
      Facebook X (Twitter) LinkedIn
      TallwireTallwire
      • Tech

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026
      • AI

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Record Industry Pushes for AI Labels on Streaming Music

        July 15, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026

        Anthropic Doubles Down on New York as AI Talent War Intensifies

        July 15, 2026
      • Security

        China’s AI Distillation Campaign Raises New Concerns Over U.S. Technology Security

        July 13, 2026

        AI Tools Increasingly Exploited by Terrorist Organizations, New Research Finds

        July 13, 2026

        Pentagon Expands Engineering Recruitment to Restore America’s Military Technology Edge

        July 13, 2026

        EU Lawmakers Advance Controversial Private Message Scanning Measure Despite Mounting Privacy Concerns

        July 12, 2026

        Scramble Intensifies to Secure America Against Emerging AI National Security Threats

        July 12, 2026
      • Health

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026
      • Science

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Scientists Advance “StormWall” Concept to Defend Earth from Catastrophic Solar Storms

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026
      • Tech

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026

        Palo Alto Networks CEO Warns AI Costs Must Plunge Before Enterprise Adoption Can Accelerate

        July 14, 2026

        DeepMind Unionization Effort Encounters Early Resistance as Labor Talks Stall

        July 11, 2026

        Always-On Workplace Culture Pushes Employees Toward the Breaking Point

        July 10, 2026

        High-Income Families Embrace AI-Driven Schools as Alternative Education Expands

        July 9, 2026
      TallwireTallwire
      Home»Tech»Zendesk Customers Under Siege As Scattered LAPSUS$ Hunters Launch Phishing Blitz
      Tech

      Zendesk Customers Under Siege As Scattered LAPSUS$ Hunters Launch Phishing Blitz

      Updated:January 4, 20264 Mins Read
      Facebook Twitter Pinterest LinkedIn Tumblr Email
      Zendesk Customers Under Siege As Scattered LAPSUS$ Hunters Launch Phishing Blitz
      Zendesk Customers Under Siege As Scattered LAPSUS$ Hunters Launch Phishing Blitz
      Share
      Facebook Twitter LinkedIn Pinterest Email

      The cyber-crime collective known as Scattered LAPSUS$ Hunters (SLH) has begun targeting users of Zendesk in a fresh phishing campaign, according to a new alert by cybersecurity firm ReliaQuest. Researchers have identified more than 40 typosquatted and impersonating Zendesk-related domains created over the past six months — some hosting fake single sign-on pages to steal credentials, others used to submit malicious support tickets aimed at infecting help-desk personnel with malware such as remote-access trojans. The group reportedly exploited a support portal breach at Discord, exfiltrating sensitive user data, and has signaled plans for further campaigns through early 2026. Organizations are now being urged to treat customer-support platforms like Zendesk as critical infrastructure and apply the same security discipline as with core IT systems.

      Sources: TechRadar, CSO Online

      Key Takeaways

      – SLH registered over 40 fraudulent domains resembling Zendesk URLs, using them to harvest credentials via fake SSO portals or to deliver malware through spoofed support-ticket submissions.

      – The group’s modus operandi reflects a pivot toward attacking customer-support systems, considered “low-hanging fruit,” rather than traditional enterprise networks — evidencing a shift toward human- and infrastructure-centric social engineering.

      – Firms relying on SaaS-based help-desk platforms must elevate security: enforce robust MFA, monitor for typosquatted domains, restrict support-ticket privileges, and treat help-desk tools as part of their critical attack surface.

      In-Depth

      The fallout from the latest wave of cyber-threats is hard to overstate: after a string of high-profile breaches targeting major SaaS platforms, the group calling itself Scattered LAPSUS$ Hunters has turned its attention to Zendesk — a customer-support backbone for hundreds of thousands of businesses worldwide. The alarming discovery, detailed by security firm ReliaQuest, reveals more than 40 new domains bearing names like “vpn-zendesk[.]com” and “znedesk[.]com” — blatant typosquatting that mimics legitimate Zendesk URLs. Some of these domains host counterfeit single sign-on (SSO) portals, engineered to trick users into entering their credentials. Other domains are used to lodge fraudulent support tickets to real Zendesk portals, aiming to expose help-desk personnel to remote-access trojans or other forms of malware.

      This campaign marks a cunning evolution of tactics: after all, email has long been the primary vector for phishing. By shifting toward support-portal infrastructure, SLH is exploiting systems that organizations frequently overlook — assuming they’re safer or less critical than email or external web applications. In many firms, support portals are handled by lower-privileged staff or third-party agents, and may lack the same security hardening as core platforms. That creates an enticing attack surface for social-engineering operators who are adept at impersonation and credential-theft schemes.

      The timing is significant, too. SLH’s interest in Zendesk coincides with their alleged involvement in a recent data breach at Discord, where hackers reportedly accessed Discord’s Zendesk-based support system and walked away with names, email addresses, IPs, billing info, and even government-issued IDs. While SLH has denied responsibility for that specific breach — calling the attribution “hilarious” — the technical footprint of the Zendesk-spoofing domains matches their known pattern: typosquatting, registration through NiceNic, masked Cloudflare nameservers, and US/UK contact info. That strongly suggests this is not a random act, but a coordinated operation following similar efforts against other SaaS platforms earlier in 2025, such as Salesforce and Gainsight.

      For companies still treating their help-desk tools as ancillary, this should be a wake-up call. As ReliaQuest warns, the next few months — especially the upcoming holiday season — are a prime time for SLH to strike, particularly when incident-response teams may be under-staffed or distracted. The group itself reportedly notified followers on Telegram that “3–4 campaigns” are in progress and urged IR staff to watch their logs through January 2026.

      What should organizations do? For starters, treat customer support platforms with the same security rigor as core infrastructure. Require hardware-based multi-factor authentication for all accounts with administrative or support privileges. Enable strict session-timeout policies and IP allow-listing whenever possible. Deploy domain-monitoring tools or subscribe to a digital-risk-protection service that can alert you when typosquatted versions of your SaaS domains appear. Restrict who can submit support tickets, and apply content filtering and link-scanning to detect potentially malicious attachments or URLs.

      This may not stop every attempt — where human trust is involved, there will always be risk — but implementing those layers of defense will dramatically raise the cost and complexity of a successful attack. In today’s threat environment, it’s no longer sufficient to harden firewalls and patch servers; organizations must remember: the weakest link may be the help-desk portal itself.

      Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
      Previous ArticleYouTube Rolls Out TV-Targeted Features Amid Growing Living-Room Shift
      Next Article Zillow Pulls Climate-Risk Scores From Listings After Agents Push Back

      Related Posts

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

      July 15, 2026

      Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

      July 15, 2026

      Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

      July 14, 2026
      Add A Comment
      Leave A Reply Cancel Reply

      Editors Picks

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

      July 15, 2026

      Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

      July 15, 2026

      Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

      July 14, 2026
      Popular Topics
      Startup Series A Sundar Pichai Space Software Satellite SpaceX Satya Nadella Tesla Viral spotlight UAE Tech Tim Cook trending Taiwan Tech starlink Series B Samsung Stocks Tesla Cybertruck
      Major Tech Companies
      • Apple News
      • Google News
      • Meta News
      • Microsoft News
      • Amazon News
      • Samsung News
      • Nvidia News
      • OpenAI News
      • Tesla News
      • AMD News
      • Anthropic News
      • Elbit News
      AI & Emerging Tech
      • AI Regulation News
      • AI Safety News
      • AI Adoption
      • Quantum Computing News
      • Robotics News
      Key People
      • Sam Altman News
      • Jensen Huang News
      • Elon Musk News
      • Mark Zuckerberg News
      • Sundar Pichai News
      • Tim Cook News
      • Satya Nadella News
      • Mustafa Suleyman News
      Global Tech & Policy
      • Israel Tech News
      • India Tech News
      • Taiwan Tech News
      • UAE Tech News
      Startups & Emerging Tech
      • Series A News
      • Series B News
      • Startup News
      Tallwire
      Facebook X (Twitter) LinkedIn Threads Instagram RSS
      • Tech
      • Entertainment
      • Business
      • Government
      • Academia
      • Transportation
      • Legal
      • Press Kit
      © 2026 Tallwire. Optimized by ARMOUR Digital Marketing Agency.

      Type above and press Enter to search. Press Esc to cancel.