Over 100 Organizations Targeted in ShinyHunters Phishing Campaign
"Many major organizations appear to have been targeted in a recent cybercrime campaign linked to the ShinyHunters group, according to security firm Silent Push. Over the past 30 days, Silent Push has identified domains suggesting that the threat actors have been preparing or conducting attacks against at least 100 organizations in sectors such as software and technology, financial, biotech and pharma, financial services, real estate, energy and utilities, healthcare, logistics and transportation, manufacturing, retail, and insurance. Silent Push has named major companies such as Atlassian, Adyen, Canva, Epic Games, HubSpot, Moderna, ZoomInfo, GameStop, WeWork, Halliburton, Sonos, and Telstra."
"In attacks observed by Okta and others, threat actors used specialized phishing kits that enable them to intercept credentials and trick victims into helping them bypass multi-factor authentication. 'The most critical of these features are client-side scripts that allow threat actors to control the authentication flow in the browser of a targeted user in real-time while they deliver verbal instructions or respond to verbal feedback from the targeted user,' Okta explained. It added, 'It's this real-time session orchestration that delivers the plausibility required to convince the threat actor's target to approve push notifications, submit one time passcodes (OTP) or take other actions the threat actor needs to bypass MFA controls.'"
Silent Push identified domains linked to a campaign that appears to target at least 100 organizations across software, finance, biotech and pharma, real estate, energy, healthcare, logistics, manufacturing, retail, and insurance. Major companies named include Atlassian, Adyen, Canva, Epic Games, HubSpot, Moderna, ZoomInfo, GameStop, WeWork, Halliburton, Sonos, and Telstra. Attackers set up fake domains to impersonate those organizations; it is unclear whether they succeeded in gaining access. The campaign used voice phishing (vishing) against SSO accounts tied to Okta and other identity platforms, and employed phishing kits and real-time session orchestration to intercept credentials and bypass MFA.
Read at SecurityWeek