CrowdStrike says The Com-affiliated threat groups are using voice phishing and fake SSO pages to break into SaaS environments and steal data fast for extortion.

The botnet, which compromised routers and IoT devices in 163 countries, claimed about 369,000 victims and $5.8 million from its cybercriminal customers, officials said.