shinyhunters

 

One hack, two hack, three hack, four hack … where will the list of attacks end? 


 

Checking all the Boxes

Today is Friday, May 15th, 2020. The current status of the US entails scattered quarantine lockdowns and a prolonged “rough start” to 2020. Well, we’re five months in now, so it can only go up from here, right?

All right, did we come here for a pep talk? Maybe… but more so for the 12th installment of the cyber attack of the week series here at CPG.

This week, we have several incidents on our hands. We can all give the trophy to hacking group, ShinyHunters for all the recent events. Several companies including ChatBooks, Home Chef and Tokopedia (to name a few) became victims of several attacking this month.

Now, let’s take a look at how everything went down, and what happened to these companies. 

 

The ShinyHunter’s Attack

To begin, the ShinyHunters hacking group recently listed at least 11 listings for company records on a dark web forum / marketplace. After the discovery of the listings, cyber security researchers and other firms began to look into the group. 

Looking into the group briefly, researchers believe it to be “a reincarnation of GnosticPlayers” (databreaches.net). This group presents a lengthy history of identities online. Thus, making it slightly difficult for researchers to gather info on the group, and pin their members down. 

Pivoting back to the breaches, the following companies appeared on the dark web market place, with stolen records for sale.

 

Tokopedia Minted  Mindful Chronicle of Education
HomeChef  StyleShare Star Tribune Zoosk
Bhinneka  Ggumim  Chatbooks

 

Of the 11 listed, only several of the companies released a statement to customers regarding the breach. It is unclear whether or not the other businesses know that their breached information is being sold online, or even if they knew of the breach at all. The Image below depicts the dark web marketplace listing for the stolen records. (image via databreaches.net)

 

Chatbooks released a statement regarding their breach. In their statement, the Chatbooks CEO recognizes the breach, as well as states that no credit card information was compromised in the attack. They recommend updating your account password and to stay vigilant. 

The only other company (so far) to release a confirmation statement is Tokopedia. The company commented to new outlets regarding the issue. Also adding that a cyber investigation is underway.

 

Patching Things Up

I’m sure in the time we took to review the breaches and attacks, more companies will become aware of what happened. Further, there may be even more companies facing a breach that were not listed on a marketplace forum yet.

Only time will tell if another discovery comes to light. Or, if the ShinyHunters group strikes again. All we can do is sit back and watch. Unless you’re a pen tester, like myself. Companies, if you are reading this and the idea of your records being sold on the dark web scares you, give my office a call. 

Proactive  security is the way of the future trust me. Take the time to secure your networks and databases now, so you don’t end up being breached and vulnerable later. 

 

By Taylor Ritchey