ShinyHunters and Scattered Spider: A Comedy of Cybercrime? Financial Services Beware!
Data extortionists ShinyHunters and Scattered Spider are teaming up, expanding their phishing and vishing attacks to financial services. While ShinyHunters claims French authorities botched their arrest, they have since been linked to global Salesforce attacks. Meanwhile, their new Telegram channel briefly teased a ransomware service, ShinySp1d3r, before vanishing.
Hot Take:
ShinyHunters and Scattered Spider walk into a bar… and walk out with your data. These cybercriminals are like the rockstars of the hacking world, teaming up for a world tour of mischief and mayhem. It’s like the Avengers of the dark web, except they’re not saving the world; they’re stealing it, one Salesforce account at a time. Watch out, financial services and tech providers: you’re the next stop on their ‘Catch Us If You Can’ tour. Better lock up your data—it’s going to be a bumpy ride!
Key Points:
– ShinyHunters and Scattered Spider are reportedly collaborating on data extortion campaigns targeting Salesforce customers.
– Their tactics include vishing, social engineering, and Okta-themed phishing, with a focus on financial and tech sectors.
– ShinyHunters has a history on cybercrime forums and was involved in BreachForums’ relaunch.
– French authorities arrested individuals linked to BreachForums, but the arrests are contested by the accused group.
– A new group, “scattered lapsu$ hunters,” briefly appeared on Telegram, hinting at future threats like ransomware-as-a-service.