Cybercriminal group ShinyHunters, also known as ShinyCorp, has been a well-known name since it emerged in 2020. During this time, it has leaked the information of over a billion internet users, contributing to the trend of alarming mass data dumps.

Within the past few days, the group has claimed responsibility for two giant attacks against major bank Santander and the booking and ticketing service provider Ticketmaster.

The attack against Santander has seen the group attempt to sell what it claims is confidential information belonging to millions of customers and employees. The data is claimed to include 30 million people’s bank account details, 6 million account numbers and balances, 28 million credit card numbers and HR information, and is being offered on the dark web for around 2 million dollars.

Santander has claimed that its banking systems are still secure and that no UK customer data has been affected. Currently, there have been no claims about the accuracy of the data stolen.

The attack against Ticketmaster was entirely separate. Ticketmaster is one of the largest ticket sales platforms in the world, serving customers globally. The details of this attack are still emerging, with Ticketmaster yet to confirm if the attack is genuine. The group claims to have access to 560 million records from Ticketmaster customers, including names, addresses, phone numbers, and partial credit card details. If true, this would be the most significant data breach ever in terms of the amount of data stolen.

Currently, this data is being held for a half-a-million-dollar ransom payable by Ticketmaster to prevent the group from selling it to other parties.

How do ShinyHunters hack?

While the group's exact methods remain partly secret, it has gained recognition for its sophisticated hacking techniques and large-scale data breaches. Its approach is both methodical and cunning, and it deploys various strategies to infiltrate digital infrastructure and exploit vulnerabilities in that infrastructure and its users. These include:

  • Deploying phishing and other social engineering attacks. This involves using email or other communication platforms (such as Microsoft Teams or WhatsApp) to trick individuals into revealing sensitive information or running a malicious file.
  • Leveraging the Dark Web. The group uses the Dark Web, a hidden part of the internet known for criminal activity, to profit from the data it steals. It does this by selling or trading the stolen information.
  • Scouring GitHub repositories for vulnerabilities. GitHub is a platform where developers store and manage their code. ShinyHunters members scour it for any vulnerabilities that have been inadvertently left behind.
  • Exploiting insecure Cloud Buckets. These are online storage spaces where businesses and individuals can store data. When not properly secured, they are like open treasure chests inviting attackers in.
  • Targeting Websites and Developer tools. The group can access websites and developer tools by using stolen login credentials or API keys (special access tokens). Once in possession of this information, it is simple for the group to extract data.

What can you do to protect yourself and your business?

Regardless of the presence of the ShinyHunters group, data breaches will remain a constant threat. It is critical to follow these simple steps as a baseline of protection:

  • Be cautious with emails and links. Don’t action anything suspicious and verify senders where required.
  • Use strong, unique passwords for all services and avoid password reuse. Consider using a password manager to generate and securely store all your passwords.
  • Enable multi-factor authentication on all accounts to add an extra layer of security.
  • Keep all software and operating systems up to date. Software updates often include security patches that fix vulnerabilities.
  • Stay informed. Know what to look for in the digital world and stay on top of the ever-changing threat landscape.

How can CTRL-S help?

CTRL-S has a wealth of experience implementing robust security systems designed with your business in mind. We provide comprehensive software packages, security monitoring, and tailored security awareness training for your whole team. We take the work away, locking your data away from prying eyes. Get in touch today to see how we can help secure your business.
