When you purchase through links on our site, we may earn an affiliate commission. This doesn’t affect our editorial independence.
The cybercrime organisation ShinyHunters has garnered worldwide attention after an attack from the group prompted Google to advise 2.5 billion users to enhance their security due to a data breach.
ShinyHunters and various other groups have recently focused on large companies using voice-based social engineering (known as “vishing,” which is short for voice phishing). This is in contrast to classical data breaches, where hackers directly infiltrate databases containing important information
Social Engineering as a Tool for Cyberattacks
Social engineering occurs when an individual is deceived or influenced into sharing information or taking actions they typically wouldn’t engage in.
In this situation, a criminal would impersonate a target company’s IT support team member to persuade an employee to reveal passwords and/or multi-factor authentication codes. Despite not being a new tactic, the employment of deepfakes and generative AI to mimic voices renders this form of social engineering more challenging to identify.
This year alone, firms including Qantas, Pandora, Adidas, Chanel, Tiffany & Co., and Cisco have been attacked using social engineering strategies, impacting millions of users.
Check Out Previous Posts on this Site
Cybersecurity Startup Cyberrey launches Groundbreaking Software
World Password Day 2025: Sophos Calls for the End of Passwords
Origins of ShinyHunters
ShinyHunters originated in 2020 and claims that it has effectively targeted 91 victims. The group mainly seeks financial gain but is willing to inflict reputational harm on its targets.
ShinyHunters earlier targeted firms by exploiting weaknesses in cloud applications and database websites. However, their implementation of social engineering techniques is a more effective strategy. They can access extensive data sets from various clients in a single attack by pretending to be customer service providers.
In mid-August, ShinyHunters announced on Telegram that they collaborated with notorious threat group, Scattered Lapsus$ Hunters, to attack firms like Salesforce and Allianz Life. Telegram removed the channel just days after its launch. They released Allianz Life’s Salesforce data to the public, containing 2.8 million records associated with individual clients and corporate partners.
Scattered Lapsus$ Hunters; Another Emerging Threat
Scattered Lapsus$ Hunters, an emerging cybercrime group, has announced that they have begun offering ransomware as a service. This indicates they will execute ransomware attacks for other organisations ready to compensate them.
Image Credit: Obsidian Security
They claim that their service surpasses other cybercrime organisations like LockBit and Dragonforce. Instead of engaging in negotiations discreetly, the organisation frequently releases public extortion announcements.
Who Are All These Cybercriminals?
There is probably a considerable overlap in membership among ShinyHunters, Scattered Lapsus and others. All these organisations are global, with participants working on the dark web from different regions of the world.
Compounding the problem, every group is referred to by various names. Scattered Lapsus$ has also been referred to as UNC3944, Scatter Swine, Oktapus, Octo Tempest, Storm-0875, and Muddled Libra.
How Can We Safeguard Ourselves Against Vishing?
Techniques Social engineering techniques exploit human feelings and the inclination to trust and help others. As daily users and consumers of major tech products, there is very little we can do against structured cybercrime organisations.
Image credit: Cyber Wardens
Staying personally protected from scams requires perpetual alertness. An emerging technique like Geo-verification uses an individual’s actual location as an extra means of authentication.
