TECH NEWS

New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams

https://hackread.com/wp-content/uploads/2026/06/pink-extortion-microsoft-365-cloud-data-vishing-scams-1024x576.jpg

A new cybercrime group called Pink is targeting corporate data for financial extortion. Palo Alto Networks’ research division, Unit 42, first exposed this threat, believed to be linked with the broader Com network.

The researchers tracked the group under the cluster code CL-CRI-1147, and reported that Pink launched a dedicated data leak site on 31 May 2026, listing several initial victims.

Building on Unit 42’s data, security analytics firm Gurucul released a follow-up analysis on 4 June 2026 to help companies spot the group’s footprint inside corporate networks.

Initial Entry and Cloud Theft

Unit 42’s research reveals that Pink avoids traditional malware payloads. Instead, the threat actors rely on voice phishing, or vishing, to target corporate users. By impersonating internal IT personnel over the phone, the hackers manipulate employees into visiting credential stealing domains like passkeyaddcom or passkeydeploy.com.

When an employee falls for the scam and enters their details,...

Copyright of this story solely belongs to hackread.com. To see the full text click HERE

Read more