Hacker Group ShinyHunters
Overview
ShinyHunters is a criminal black-hat hacker group. It appeared in 2020 and 2021, and have done numerous data breaches to sell the stolen data on dark web. Its name is derived from a mechanic, shiny Pokemon, in the Pokemon video game franchise. In this game, the Pokemon have a rare chance to encounter an alternate "shiny" color scheme, considered as elusive to the players. A group's avatar on their Twitter profile also contains the picture of a shiny Pokemon.
Recently, a key member of the threat group named, Sebastien Raoult, was arrested and pleaded guilty for his cyber crimes. He is a 22-year old French man, also known as Sezyo Kaizen, was sentenced to three years in prison and ordered to pay $5 million in restitution.
Data Breaches in the Targeted Organizations
ShinyHunters have stolen a large amount data from following organizations and even asked ransom from some of them:
- AT&T Wireless
- Tokopedia
- Wishbone
- Microsoft
- Wattpad
- Pluto TV
- Animal Jam
- Mashable
- Pixir
- Nitro PDF
- Bonobos
- Aditya Birla Fashion and Retail
- Mathway
How Does it Work?
The threat group lure their victims via phishing emails to harvest the entered credentials. They craft malicious webpages in the disguise of legitimate businesses. The gang then use the harvested credentials to enter into the victims' account and steal corporate data along with the credentials used for accessing the company networks and third-party providers like cloud storage services.
After that, ShinyHunters advertise everything for sale on dark web forums. They have marketed the stolen data of more than 60 companies and also asked ransom from some of their victims.
Protection Against ShinyHunters
Following steps might help in protecting a system against such ransomware attacks:
- Implement strong passwords.
- Activate Multi-Factor Authentication (MFA).
- Simple user account permissions.
- Clear unused and outdated user accounts.
- System configurations to strictly follow all security procedures.
- Always have system backup in a remote configuration.
- Have updated cybersecurity solution in place.
Conclusion
Although one of the key members of this notorious threat group is already in prison, organizations should still take strict protective measures against to retaliate such cyber attacks. Since they have caused damaged to many important and famous organizations, they should not be taken lightly by anyone.
Comments
Post a Comment