{"id":9361,"date":"2022-09-29T08:00:00","date_gmt":"2022-09-29T14:00:00","guid":{"rendered":"https:\/\/swimlane.com\/resource\/oktapus-phishing-campaign\/"},"modified":"2026-04-24T05:14:43","modified_gmt":"2026-04-24T11:14:43","slug":"oktapus%e3%83%95%e3%82%a3%e3%83%83%e3%82%b7%e3%83%b3%e3%82%b0%e3%82%ad%e3%83%a3%e3%83%b3%e3%83%9a%e3%83%bc%e3%83%b3","status":"publish","type":"sw_resource","link":"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/","title":{"rendered":"0ktapus\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u653b\u6483\u306e\u8a73\u7d30"},"content":{"rendered":"\n\n\n<section class=\"bs-section bs-section-50ac0cc438dbf2f3b380783c05a3c736bb0670e7 bs-section---default bs-section--blog-inner-banner  \"><style>.bs-section.bs-section-50ac0cc438dbf2f3b380783c05a3c736bb0670e7{ background-color: #000743;} <\/style><div class=\"container\">\n<div class=\"bs-row row  flex-md-row-reverse bs-row---default\">\n<div class=\" bs-column col-sm-12 col-md-12 col-lg-6   bs-column-6770b3369b6c61539d3140cb52ed6bc5ec393625 bs-column---default bs-column--right d-flex flex-column justify-content-end    \"><figure class=\"wp-block-post-featured-image\"><img decoding=\"async\" src=\"https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Surreal digital illustration of a cybernetic octopus emerging toward a human eye with a mechanical iris, overlaid with glowing red \u201cVULNERABILITY\u201d text, symbolizing cybersecurity threats, data exposure, and digital surveillance risks.\" style=\"object-fit:cover;\" srcset=\"https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead.png 1120w, https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead-300x182.png 300w, https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead-1024x621.png 1024w, https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead-768x466.png 768w\" sizes=\"(max-width: 1120px) 100vw, 1120px\" \/><\/figure><\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-md-12 col-lg-6   bs-column-2ba18c9b6304620af4785b54fe900bf0ce0fc4d5 bs-column---default d-flex flex-column    \"><div class=\"wp-block-post-date\"><time datetime=\"2022-09-29T08:00:00-06:00\">9\u6708 29, 2022<\/time><\/div>\n\n<h1 class=\"wp-block-post-title has-text-color has-white-color\">A Deep Dive into the 0ktapus Phishing Attacks<\/h1>\n\n\n<div class=\"bs-div bs-div-44a15e4b99450b7aaf810333a0fbaa4ff5112133 bs-div---default\"><div class=\"bs-div__inner d-flex flex-wrap align-items-center    \">\n<a class=\"bs-post__author has-text-align-center\" href=\"https:\/\/swimlane.com\/ja\/author\/Katie_Bykowski\/\">\n\t<div class=\"profile-desc\">\n\t\t<figure>\n\t\t\t<img decoding=\"async\" src=\"https:\/\/swimlane.com\/wp-content\/uploads\/author_Katie_Bykowski.jpg\" alt=\"user-avatar\">\n\t\t<\/figure>\n\t\t<span class=\"prefix\"><\/span>\n\t\t<span class=\"name\">\n\t\t\tKatie Bykowski\t\t<\/span>\n\t<\/div>\n<\/a>\n\n\n\n<div class=\"reading-time\">\n    <span class=\"reading-time__time\">3 <\/span> Minute Read\n<\/div><\/div><\/div>\n<\/div>\n<\/div>\n<\/div><\/section>\n\n\n\n\n\n\n\n\n\n<section class=\"bs-section bs-section-205a03f93391472c82564395e3b5684e68c8ef7d bs-section---default bs-section--blog-inner-main-contents  \"><div class=\"container\">\n<div class=\"bs-row row justify-content-between  bs-row---default\">\n<div class=\" bs-column col-sm-12 col-md-1   bs-column-fa02c15a19a9c2952663733986e45d4eef708638 bs-column---default     \"><div class=\"heateor_sss_sharing_container heateor_sss_horizontal_sharing\" data-heateor-ss-offset=\"0\" data-heateor-sss-href='https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/'><div class=\"heateor_sss_sharing_ul\"><a aria-label=\"Email\" class=\"heateor_sss_email\" href=\"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/\" onclick=\"event.preventDefault();window.open('mailto:?subject=' + decodeURIComponent('A%20Deep%20Dive%20into%20the%200ktapus%20Phishing%20Attacks').replace('&', '%26') + '&body=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Foktapus-phishing-campaign%2F', '_blank')\" title=\"Email\" rel=\"noopener\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg\" style=\"background-color:#649a3f;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"-.75 -.5 36 36\"><path d=\"M 5.5 11 h 23 v 1 l -11 6 l -11 -6 v -1 m 0 2 l 11 6 l 11 -6 v 11 h -22 v -11\" stroke-width=\"1\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><a aria-label=\"Twitter\" class=\"heateor_sss_button_twitter\" href=\"https:\/\/twitter.com\/intent\/tweet?text=A%20Deep%20Dive%20into%20the%200ktapus%20Phishing%20Attacks&url=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Foktapus-phishing-campaign%2F\" title=\"Twitter\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg heateor_sss_s__default heateor_sss_s_twitter\" style=\"background-color:#55acee;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"-4 -4 39 39\"><path d=\"M28 8.557a9.913 9.913 0 0 1-2.828.775 4.93 4.93 0 0 0 2.166-2.725 9.738 9.738 0 0 1-3.13 1.194 4.92 4.92 0 0 0-3.593-1.55 4.924 4.924 0 0 0-4.794 6.049c-4.09-.21-7.72-2.17-10.15-5.15a4.942 4.942 0 0 0-.665 2.477c0 1.71.87 3.214 2.19 4.1a4.968 4.968 0 0 1-2.23-.616v.06c0 2.39 1.7 4.38 3.952 4.83-.414.115-.85.174-1.297.174-.318 0-.626-.03-.928-.086a4.935 4.935 0 0 0 4.6 3.42 9.893 9.893 0 0 1-6.114 2.107c-.398 0-.79-.023-1.175-.068a13.953 13.953 0 0 0 7.55 2.213c9.056 0 14.01-7.507 14.01-14.013 0-.213-.005-.426-.015-.637.96-.695 1.795-1.56 2.455-2.55z\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><a aria-label=\"Facebook\" class=\"heateor_sss_facebook\" href=\"https:\/\/www.facebook.com\/sharer\/sharer.php?u=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Foktapus-phishing-campaign%2F\" title=\"Facebook\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg\" style=\"background-color:#0765FE;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"0 0 32 32\"><path fill=\"#fff\" d=\"M28 16c0-6.627-5.373-12-12-12S4 9.373 4 16c0 5.628 3.875 10.35 9.101 11.647v-7.98h-2.474V16H13.1v-1.58c0-4.085 1.849-5.978 5.859-5.978.76 0 2.072.15 2.608.298v3.325c-.283-.03-.775-.045-1.386-.045-1.967 0-2.728.745-2.728 2.683V16h3.92l-.673 3.667h-3.247v8.245C23.395 27.195 28 22.135 28 16Z\"><\/path><\/svg><\/span><\/a><a aria-label=\"Linkedin\" class=\"heateor_sss_button_linkedin\" href=\"https:\/\/www.linkedin.com\/sharing\/share-offsite\/?url=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Foktapus-phishing-campaign%2F\" title=\"Linkedin\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg heateor_sss_s__default heateor_sss_s_linkedin\" style=\"background-color:#0077b5;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"0 0 32 32\"><path d=\"M6.227 12.61h4.19v13.48h-4.19V12.61zm2.095-6.7a2.43 2.43 0 0 1 0 4.86c-1.344 0-2.428-1.09-2.428-2.43s1.084-2.43 2.428-2.43m4.72 6.7h4.02v1.84h.058c.56-1.058 1.927-2.176 3.965-2.176 4.238 0 5.02 2.792 5.02 6.42v7.395h-4.183v-6.56c0-1.564-.03-3.574-2.178-3.574-2.18 0-2.514 1.7-2.514 3.46v6.668h-4.187V12.61z\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><\/div><div class=\"heateorSssClear\"><\/div><\/div>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-lg-8 col-md-11   bs-column-0d83d6d9863f92131cc95492d42e5b50c72f00bb bs-column---default bs-column--contents     \">\n<h2>Learn how Swimlane\u2019s own SOC utilized low-code security automation to react to a potential supply chain attack.<\/h2>\n<h2><strong>What was 0ktapus?<\/strong><\/h2>\n<p>0ktapus was a massive phishing campaign that was discovered by the Group-IB research team, which targeted customers of Okta to receive text messages containing links to phishing sites that mimicked the Okta authentication page of their organization, which harvested Okta credentials and two-factor authentication (2-FA) codes.<\/p>\n<p>This attack which was used by the malicious actors is not a new technique but more recently has been used at scale. Once the malicious actors obtain credentials and two-factor codes they are able to pivot to the targeted business. A majority of affected organizations that these malicious actors targeted were software companies followed by those belonging to telecom, business services, finances, education, retail and logistics sectors.<\/p>\n<p>According to <a href=\"https:\/\/www.darkreading.com\/remote-workforce\/twilio-hackers-okta-credentials-sprawling-supply-chain-attack\" target=\"_blank\" rel=\"noopener\">Dark Reading<\/a>, about 10,000 Okta credentials and 2-FA were compromised in this phishing campaign. The Group-IB research team found a total of 169 unique domains which were used as part of this phishing attack and all associated Indicators of Compromise (IOCs), can be found <a href=\"https:\/\/blog.group-ib.com\/0ktapus\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n<h2><strong>Timeline of Events<\/strong><\/h2>\n<p>On <strong>August 26, 2022<\/strong>, with the help of low-code security automation, our security operations center (SOC) team was able to quickly react to a notification from our managed detection and response (MDR) partner about this supply chain phishing attack being used.<\/p>\n<p>Below is a timeline of how quickly our teams \u2013 security, IT, and HR \u2013 were able to react to this phishing campaign with the use of the <a href=\"https:\/\/www.swimlane.com\/swimlane-turbine\" rel=\"noopener\">Swimlane platform.<\/a><\/p>\n<p><strong>At 13:08 MDT <\/strong>\u2013 The Swimlane SOC received a Slack notification from our MDR partner about the supply chain attack.<\/p>\n<p><strong>At 13:13<\/strong> \u2013 The Swimlane SOC reviewed all closed cases and used open source intelligence to assess any risk.<\/p>\n<p><strong>At 13:49 <\/strong>\u2013 The Swimlane SOC created a new Incident Response (IR) case to track all ongoing efforts to include any pending and completed actions. We blocked all attributed IOCs on our infrastructure which included Web Application Firewalls (WAF), Network Firewalls (NFW), and also all of our endpoints.<\/p>\n<p><strong>At 14:07 <\/strong>\u2013 With the help of automation, the security team initiated an IOC hunt utilizing all Swimlane SOC, SIEM, cloud resources, and endpoint entities. This effort led to no positive hits or compromises.<\/p>\n<p><strong>At 14:19 <\/strong>\u2013 Utilizing Swimlane automation, we updated rules and policies for all Enterprise IT &amp; Cloud environments to isolate &amp; contain any activity linked to known IOCs confirmed to be associated with this attack.<\/p>\n<p><strong>At 14:48 <\/strong>\u2013 The SOC concluded its investigation and no impact was observed on our organization.<\/p>\n<h2><strong>Ongoing Steps to Mitigate Risk<\/strong><\/h2>\n<p>As part of our response to this phishing campaign, our security and HR teams conducted smishing training for employees to keep everyone informed about threats being used.<\/p>\n<p>Organizations should also consider disabling one-time passwords such as SMS and push notifications as they are less secure, and as we learned, can be used in a malicious way to target an organization. Enterprises can also utilize FIDO-2 compliant security keys for multi-factor authentication, as this would reduce the attack surface of the targeted companies.<\/p>\n<h2><strong>How Low-Code Security Automation Helped<\/strong><\/h2>\n<p>Low-code security automation and proper <a href=\"https:\/\/swimlane.com\/solutions\/security-automation-and-orchestration\/case-management\" rel=\"noopener\">case management<\/a> are important tools that help to quickly respond to any threat. If it wasn\u2019t for Swimlane\u2019s threat detection and incident response use cases, our SOC team would need to individually log into every security tool to be able to search for and block IOCs that were used as part of this phishing campaign.<\/p>\n<p>With the use of Swimlane\u2019s platform, we were able to quickly leverage automation and bring down our mean time to resolution (MTTR). We turn to our security automation, orchestration and response platform to help us:<\/p>\n<ul>\n<li>Automate the manual steps of the IOC process<\/li>\n<li>Automatically flag and dismiss false positives<\/li>\n<li>Gather context to enrich IOCs at machine-speeds<\/li>\n<\/ul>\n<p>The Swimlane security operations team relies on low-code security automation to reduce errors and false positives during the investigation process. It handles mundane and time-consuming tasks so that our analysts can allocate their time to make more strategic decisions. This positioned us to instantly react to the 0ktapus phishing campaign and reinforce the value of security.<\/p>\n\n\n\n<div class=\"bs-div bs-div-6a76c51cfc9dc75405507120e5a6646218570ff8 bs-div---default bs-div--blog-inner-download-guide\"><style>.bs-div.bs-div-6a76c51cfc9dc75405507120e5a6646218570ff8 {background-image: url(https:\/\/swimlane.com\/wp-content\/uploads\/2022\/10\/download-report.png); background-position: center center;\n    background-size: cover;} <\/style><div class=\"bs-div__inner d-flex flex-wrap justify-content-center  flex-md-row-reverse align-items-md-center justify-content-md-between flex-md-nowrap  \"><div class='media-elements bs-media-element---default enable'>    <div class='bs-common-image'>\n                            <figure class='figure justify-content-start d-flex'>\n                            <picture>\n                            \n                            <img src='https:\/\/swimlane.com\/wp-content\/uploads\/Screenshot-2024-06-26-at-4.33.27\u202fPM.png' class='img-fluid'   alt='Swimlane security automation workflow for user provisioning, enrichment, help desk, and HR system integration' title=''  \/>\n                            <\/picture>\n                                \n                            <\/figure>\n                        <\/div><\/div>\n\n\n<div class=\"bs-div bs-div-773aef0a3852274bc6b23f7985e05efd194e399e bs-div---default\"><div class=\"bs-div__inner     \">\n<h2 class=\"wp-block-heading\">A Buyer\u2019s Guide for Modern Security Automation<\/h2>\n\n\n\n<p>Enterprise SOC teams recognize the need for automation but often struggle with the automation solutions themselves. Security Orchestration, Automation and Response (SOAR) solutions commonly require extensive scripting. This guide analyzes the wide range of security automation platforms available today, so you can identify the type of solution that fits your needs the best.&nbsp;<\/p>\n\n\n\n<span class=\"bs-pro-button bs-pro-button---default bs-pro-button--primary-with-arrow-small bs-pro-button-p-btn-479c9c601a5b59e6ba94330a467445a6f4b6530a\"><style>.bs-pro-button-p-btn-479c9c601a5b59e6ba94330a467445a6f4b6530a .bs-pro-button__container {background-color: #abb8c3; color: #000000;}<\/style><a href=\"https:\/\/swimlane.com\/resources\/e-books\/a-buyers-guide-for-modern-security-automation\/\" target=\"\" rel=\"noopener noreferrer\" class=\"bs-pro-button__container\">Download E-Book<\/a><\/span>\n<\/div><\/div>\n<\/div><\/div>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-md-12 col-lg-3   bs-column-0ad64702520e52820989c3b8a4a5574abd826112 bs-column---default     \">\n<div class=\"bs-div bs-div-f0851be86a4542da358c10ec17ccebffa17efe07 bs-div---default bs-div--tags\"><div class=\"bs-div__inner     \">\n<h2 class=\"wp-block-heading\" id=\"h-tags\">Tags<\/h2>\n\n\n<div class=\"post-tag-wrapper\">\n    <p><\/p><\/div>\n<\/div><\/div>\n\n\n\n<div class=\"bs-div bs-div-5e7267355d8caf36f5b5e0c86eef387b664b848d bs-div---default bs-div--related-posts\"><div class=\"bs-div__inner     \">\n<h2 class=\"wp-block-heading\" id=\"h-related-posts\">Related Posts<\/h2>\n\n\n\n<div class=\"bs-related-posts bs-related-posts-block---default\"><div class=\"bs-related-posts__container\"><div class=\"bs-related-posts__items\">\n<div class=\" bs-column col-sm-4   bs-column-b619eb984092e720779a969a873521d2ec1a85a5 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-69ece3270ebb2 bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/armor-level-3-automated-response\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>9\u6708 21, 2023<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>A Deep Dive into ARMOR Level 3: Automated Response<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n\n\n\n<div class=\" bs-column col-sm-4   bs-column-b619eb984092e720779a969a873521d2ec1a85a5 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-69ece327100df bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/mobile-phishing\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>3\u6708 26, 2025<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>The Rise of Mobile Phishing and How to Prevent Mobile Phishing<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n\n\n\n<div class=\" bs-column col-sm-4   bs-column-b619eb984092e720779a969a873521d2ec1a85a5 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-69ece3271157c bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/types-of-cyber-security-attacks\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>6\u6708 3, 2025<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>10 Types of Cybersecurity Attacks &amp; How to Prevent Them<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n<\/div><\/div><\/div>\n<\/div><\/div>\n\n\n<\/div>\n<\/div>\n<\/div><\/section>\n\n\n\n<section class=\"bs-section bs-section-2a4a600ae9ab197b6a4ccafe05152bf1a2fde1d1 bs-section---default bs-section--newsletter bs-section--common-marketo-form bs-section--common-marketo-form-two-columns  \"><style>.bs-section.bs-section-2a4a600ae9ab197b6a4ccafe05152bf1a2fde1d1{ background-color: #000743;} <\/style><div class=\"container-fluid\">\n<div class=\"bs-row row   bs-row---default\">\n<div class=\" bs-column col-sm-0 col-md-0 col-lg-6   bs-column-df5e10bef85c15055718b4d93887855962017939 bs-column---default     \">\n<h2 class=\"wp-block-heading has-white-color has-text-color\" id=\"requestor\">Request a Live Demo<\/h2>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-0 col-md-0 col-lg-6   bs-column-df5e10bef85c15055718b4d93887855962017939 bs-column---default     \"><div class='media-elements bs-media-element---default enable'>    <div class='bs-common-image'>\n                            <figure class='figure justify-content-start d-flex'>\n                            <picture>\n                            \n                            <img src='https:\/\/swimlane.com\/wp-content\/uploads\/liitp.svg' class='img-fluid'   alt='' title=''  \/>\n                            <\/picture>\n                                \n                            <\/figure>\n                        <\/div><\/div>\n\n<script src=\"\/\/pages.swimlane.com\/js\/forms2\/js\/forms2.min.js\"><\/script>\n<form id=\"mktoForm_1017\"><\/form>\n<script>\n    var embeddedFormId = '05a6905d0187a23e165b2fd995e965fe15cb94f6';\n    var marketoBaseUrl = '\/\/pages.swimlane.com';\n    var munchkinId = '978-QCM-390';\n    var formId = '1017';\n    var responseType = 'redirect';\n    var responseMessage = 'Thank you!';\n    var redirectURL = '';\n    var downloadFileURL = '';\n    var linkOpenType = '_self';\n    var popupVideo = 'url';\n    var popupVideoURL = '';\n    var popupVideoUploadURL = '';\n    MktoForms2.loadForm(marketoBaseUrl, munchkinId, formId, function(form) {\n        form.onSuccess(function(values, followUpUrl) {\n            document.getElementById(\"int_mktoForm_\" + formId).innerHTML = responseMessage;\n                    });\n    });\n<\/script>\n<div class=\"form-submit-note\" id=\"int_mktoForm_1017\"><\/div>\n<!-- Incluing form response options -->\n\n\n\n<script>\n    (function() {\n        \/\/ Please include the email domains you would like to block in this list\n        var invalidDomains = [\"@gmail.\", \"@yahoo.\", \"@hotmail.\", \"@live.\", \"@icloud.\",\"@aol.\", \"@outlook.\", \"@proton.\", \"@mailinator.\"];\n\n\n        MktoForms2.whenReady(function(form) {\n            form.onValidate(function() {\n                var email = form.vals().Email;\n                if (email) {\n                    if (!isEmailGood(email)) {\n                        form.submitable(false);\n                        var emailElem = form.getFormElem().find(\"#Email\");\n                        form.showErrorMessage(\"Must be Business email.\", emailElem);\n                    } else {\n                        form.submitable(true);\n                    }\n                }\n            });\n        });\n\n        function isEmailGood(email) {\n            for (var i = 0; i < invalidDomains.length; i++) {\n                var domain = invalidDomains[i];\n                if (email.indexOf(domain) != -1) {\n                    return false;\n                }\n            }\n            return true;\n        }\n\n\n    })(); \n<\/script>\n<\/div>\n<\/div>\n<\/div><\/section>\n","protected":false},"excerpt":{"rendered":"<p>Swimlane \u72ec\u81ea\u306e SOC \u304c\u30ed\u30fc\u30b3\u30fc\u30c9 \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u81ea\u52d5\u5316\u3092\u6d3b\u7528\u3057\u3066\u3001\u6f5c\u5728\u7684\u306a\u30b5\u30d7\u30e9\u30a4 \u30c1\u30a7\u30fc\u30f3\u653b\u6483\u306b\u3069\u306e\u3088\u3046\u306b\u5bfe\u5fdc\u3057\u305f\u304b\u306b\u3064\u3044\u3066\u8aac\u660e\u3057\u307e\u3059\u3002.<\/p>","protected":false},"author":5,"featured_media":9362,"template":"","meta":{"_acf_changed":false,"show_custom_date":false,"custom_date":"","featured":false,"featured_image":0,"learn_more_label":"","image_alt_text":"","learn_more_type":"","learn_more_link":[],"show_popup":false,"disable_iframe":false,"enable_lazy_loading":false,"learn_more_link_file":0,"event_date":false,"event_start_date":"","event_end_date":"","featured_page_list":[],"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","inline_featured_image":false,"footnotes":""},"tags":[],"resource-type":[67],"resource-topic":[],"resource-industry":[],"blog-category":[75,76,69,70,71],"class_list":["post-9361","sw_resource","type-sw_resource","status-publish","has-post-thumbnail","hentry","resource-type-blogs","blog-category-security-automation","blog-category-learn","blog-category-use-cases","blog-category-secops","blog-category-soar"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.5 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>A Deep Dive into 0ktapus Phishing Attack Waters<\/title>\n<meta name=\"description\" content=\"Learn how Swimlane\u2019s own SOC team utilized low-code security automation to react to a potential supply chain attack named 0ktapus.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/oktapus\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"A Deep Dive into the 0ktapus Phishing Attacks\" \/>\n<meta property=\"og:description\" content=\"Learn how Swimlane\u2019s own SOC team utilized low-code security automation to react to a potential supply chain attack named 0ktapus.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/oktapus\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\/\" \/>\n<meta property=\"og:site_name\" content=\"AI Security Automation\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-24T11:14:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1120\" \/>\n\t<meta property=\"og:image:height\" content=\"679\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@swimlane\" \/>\n<meta name=\"twitter:label1\" content=\"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593\" \/>\n\t<meta name=\"twitter:data1\" content=\"4\u5206\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"0ktapus\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u653b\u6483\u306e\u5b9f\u614b\u3092\u6df1\u304f\u6398\u308a\u4e0b\u3052\u308b","description":"Swimlane \u72ec\u81ea\u306e SOC \u30c1\u30fc\u30e0\u304c\u30ed\u30fc\u30b3\u30fc\u30c9 \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u81ea\u52d5\u5316\u3092\u6d3b\u7528\u3057\u3066\u30010ktapus \u3068\u547c\u3070\u308c\u308b\u6f5c\u5728\u7684\u306a\u30b5\u30d7\u30e9\u30a4 \u30c1\u30a7\u30fc\u30f3\u653b\u6483\u306b\u3069\u306e\u3088\u3046\u306b\u5bfe\u5fdc\u3057\u305f\u304b\u306b\u3064\u3044\u3066\u8aac\u660e\u3057\u307e\u3059\u3002.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/oktapus\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\/","og_locale":"ja_JP","og_type":"article","og_title":"A Deep Dive into the 0ktapus Phishing Attacks","og_description":"Learn how Swimlane\u2019s own SOC team utilized low-code security automation to react to a potential supply chain attack named 0ktapus.","og_url":"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/oktapus\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30ad\u30e3\u30f3\u30da\u30fc\u30f3\/","og_site_name":"AI Security Automation","article_modified_time":"2026-04-24T11:14:43+00:00","og_image":[{"width":1120,"height":679,"url":"https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@swimlane","twitter_misc":{"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593":"4\u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/","url":"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/","name":"0ktapus\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u653b\u6483\u306e\u5b9f\u614b\u3092\u6df1\u304f\u6398\u308a\u4e0b\u3052\u308b","isPartOf":{"@id":"https:\/\/swimlane.com\/ja\/#website"},"primaryImageOfPage":{"@id":"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/#primaryimage"},"image":{"@id":"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/#primaryimage"},"thumbnailUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead.png","datePublished":"2022-09-29T14:00:00+00:00","dateModified":"2026-04-24T11:14:43+00:00","description":"Swimlane \u72ec\u81ea\u306e SOC \u30c1\u30fc\u30e0\u304c\u30ed\u30fc\u30b3\u30fc\u30c9 \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u81ea\u52d5\u5316\u3092\u6d3b\u7528\u3057\u3066\u30010ktapus \u3068\u547c\u3070\u308c\u308b\u6f5c\u5728\u7684\u306a\u30b5\u30d7\u30e9\u30a4 \u30c1\u30a7\u30fc\u30f3\u653b\u6483\u306b\u3069\u306e\u3088\u3046\u306b\u5bfe\u5fdc\u3057\u305f\u304b\u306b\u3064\u3044\u3066\u8aac\u660e\u3057\u307e\u3059\u3002.","breadcrumb":{"@id":"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/#primaryimage","url":"https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead.png","contentUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/OktapusMasthead.png","width":1120,"height":679,"caption":"Surreal digital illustration of a cybernetic octopus emerging toward a human eye with a mechanical iris, overlaid with glowing red \u201cVULNERABILITY\u201d text, symbolizing cybersecurity threats, data exposure, and digital surveillance risks."},{"@type":"BreadcrumbList","@id":"https:\/\/swimlane.com\/ja\/blog\/oktapus-phishing-campaign\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/swimlane.com\/"},{"@type":"ListItem","position":2,"name":"A Deep Dive into the 0ktapus Phishing Attacks"}]},{"@type":"WebSite","@id":"https:\/\/swimlane.com\/ja\/#website","url":"https:\/\/swimlane.com\/ja\/","name":"\u30ed\u30fc\u30b3\u30fc\u30c9\u30fb\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\uff06SOAR\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\uff5c\u30b9\u30a4\u30e0\u30ec\u30fc\u30f3","description":"\u3042\u3089\u3086\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u3092\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u578bAI\u3067\u81ea\u52d5\u5316","publisher":{"@id":"https:\/\/swimlane.com\/ja\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/swimlane.com\/ja\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Organization","@id":"https:\/\/swimlane.com\/ja\/#organization","name":"\u30ed\u30fc\u30b3\u30fc\u30c9\u30fb\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\uff06SOAR\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\uff5c\u30b9\u30a4\u30e0\u30ec\u30fc\u30f3","url":"https:\/\/swimlane.com\/ja\/","logo":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/swimlane.com\/ja\/#\/schema\/logo\/image\/","url":"https:\/\/swimlane.com\/wp-content\/uploads\/sw-inline-logo-color-white.svg","contentUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/sw-inline-logo-color-white.svg","width":912,"height":190,"caption":"Low-Code Security Automation & SOAR Platform | Swimlane"},"image":{"@id":"https:\/\/swimlane.com\/ja\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/swimlane","https:\/\/www.linkedin.com\/company\/swimlane\/"]}]}},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource\/9361","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource"}],"about":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/types\/sw_resource"}],"author":[{"embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/users\/5"}],"version-history":[{"count":1,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource\/9361\/revisions"}],"predecessor-version":[{"id":55837,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource\/9361\/revisions\/55837"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/media\/9362"}],"wp:attachment":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/media?parent=9361"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/tags?post=9361"},{"taxonomy":"resource-type","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-type?post=9361"},{"taxonomy":"resource-topic","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-topic?post=9361"},{"taxonomy":"resource-industry","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-industry?post=9361"},{"taxonomy":"blog-category","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/blog-category?post=9361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}