Shinyhunters

Threat Actor updated 10 months ago (2024-11-29T14:52:44.858Z)
ShinyHunters, a notorious threat actor group, has been involved in several significant data breaches, posing a serious cybersecurity concern for businesses worldwide. The group is known for targeting corporate entities with the intent of stealing proprietary information. Between April 2020 and July 2021, ShinyHunters was responsible for the sale of hacked data from over 60 companies, which they leaked on various dark web forums including RaidForums, EmpireMarket, and Exploit. Notably, the group claimed to have stolen data of 30 million Santander customers and, more recently, 33 million phone numbers from Twilio.

One of the key members of ShinyHunters, Sebastien Raoult (also known as “Seyzo Kaizen”), a French national, was extradited from Morocco to the United States in January 2023. Raoult, along with two other co-conspirators, faced charges for hacking into protected computers and theft of proprietary information. Their actions highlighted the global reach and damaging potential of such threat actors.

Raoult was sentenced in U.S. District Court in Seattle to three years in prison and ordered to pay more than $5 million in restitution for conspiracy to commit wire fraud and aggravated identity theft. This sentencing marks an important step in holding threat actors accountable for their actions, demonstrating the ongoing efforts by law enforcement agencies to combat cybercrime and protect businesses from such threats.
Description last updated: 2024-10-17T11:46:13.667Z
Aliases
We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Breachforums
Extortion
Cybercrime
Phishing
Ransom
Ransomware
Exploit
Google
Salesforce
Data Leak
Telegram
Aws
Credentials
Vulnerability
Vishing
Fraud
Snowflake
Oracle
Associated Malware
Alias Description: The Hunters Malware is associated with Shinyhunters. Malware hunters, often referred to as bug hunters, play a critical role in cybersecurity by identifying and addressing vulnerabilities in software systems. In 2023, these professionals proved their worth at the Pwn2Own Toronto event where they identified 58 unique zero-day vulnerabilities, earning a
Association Type: Unspecified
Votes: 3

Alias Description: The Rover Malware is associated with Shinyhunters. Rover is a malicious software (malware) that has the potential to exploit and damage computer systems or devices. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Rover can steal personal information, disrupt operations, or even
Association Type: Unspecified
Votes: 2
Associated Threat Actors
Alias Description: The Scattered Spider Threat Actor is associated with Shinyhunters. Scattered Spider, also known as Octo Tempest, 0ktapus, and UNC3944, is a notorious threat actor group involved in major data extortion campaigns. This cybercriminal group has been associated with high-profile attacks on organizations like Caesars Entertainment and MGM, often in collaboration with th
Association Type: Unspecified
Votes: 7

Alias Description: The Lapsus Threat Actor is associated with Shinyhunters. Lapsus is a significant threat actor that has been active since its inception in early 2022. The group gained notoriety for its cyberattacks, including a high-profile breach of Nvidia, an American multinational technology company, in the same year. This attack led to the leak of thousands of passwor
Association Type: Unspecified
Votes: 3