ShinyHunters

From Wikipedia, the free encyclopedia

ShinyHunters is a criminal black-hat hacker group that is said to have been involved in numerous data breaches. The stolen information is often sold on the dark web.[1][2]

Name and Alias

The Twitter profile of the group maintains a shiny Pokémon profile picture, indicating that the name is possibly derived from the game of the same name. Within the game, players spend hours hunting for rare shiny Pokémon. This may lend credence to the group's motivation: hunting for shiny or rare artefacts, which is, for them, user data.[3][4]

Notable data breaches

  • Tokopedia: On 2 May 2020, Tokopedia was breached by ShinyHunters. This breach affected 15 million user records, revealing users' gender, location, username, full name, email address, phone number, and hashed passwords.[1]
  • Wishbone: Also in May 2020, ShinyHunters leaked the full user database of Wishbone, which is said to contain personal information such as usernames, emails, phone numbers, city/state/country of residence, and hashed passwords.[5]
  • Microsoft: In May 2020, ShinyHunters also claimed to have stolen over 500 GB of Microsoft source code from the company's private GitHub account. The group published around 1GB of data from the hacked GitHub account to a hacking forum. Some cybersecurity experts doubted the claims until analyzing the code; upon analysis, ShinyHunters' claims were no longer in question. Microsoft told WIRED Magazine in a statement that they are aware of the breach. Microsoft later secured their GitHub account, which was confirmed by ShinyHunters as they reported being unable to access any repositories.[6][7][8]
  • Wattpad: In July 2020, ShinyHunters gained access to the Wattpad database containing 270 million user records. Information leaked included usernames, real names, hashed passwords, email addresses, geographic location, gender, and date of birth.[9][10][11]
  • Pluto TV: In November 2020, it was reported that ShinyHunters gained access to the personal data of 3.2 million Pluto TV users. The hacked data included users' display names, email addresses, bcrypt hashed password, birthday, device platform, and IP address.[12][13]
  • Animal Jam: It was also reported in November 2020 that ShinyHunters was behind the hack of Animal Jam, leading to the exposure of 46 million accounts.[14][15]
  • Mashable: In November 2020, ShinyHunters leaked 5.22GB worth of the Mashable database on a prominent hacker forum.[16]
  • Pixlr: In January 2021, ShinyHunters leaked 1.9 million user records stolen from Pixlr.[17]
  • Nitro PDF: In January 2021, a hacker claiming to be a part of ShinyHunters leaked the full database of Nitro PDF — which contains 77 million user records — on a hacker forum for no charge.[18]
  • Bonobos: Also in January 2021 it was reported that ShinyHunters leaked the full Bonobos backup cloud database to a hacker forum. The database is said to contain the address, phone numbers, and order details for 7 million customers; general account information for another 1.8 million registered customers; and 3.5 million partial credit card records and hashed passwords.[19]
  • Aditya Birla Fashion and Retail: In December 2021, Indian retailer Aditya Birla Fashion and Retail was breached and ransomed. The ransom demand was allegedly rejected, and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next month. The data contained extensive personal customer information including names, phone numbers, physical addresses, DoBs, order histories and passwords stored as MD5 hashes.[20]

Other data breaches

The following are other hacks that have been credited to or allegedly done by ShinyHunters. The estimated impacts of user records affected are also given.[21][22][23]

  • - 100 million user records[24]
  • Zoosk - 30 million user records[25]
  • -15 million user records[25]
  • - 6 million user records[25]
  • Home Chef - 8 million user records[25]
  • Minted - 5 million user records[25]
  • Chronicle of Higher Education - 3 million user records[25]
  • - 2 million user records[25]
  • Mindful - 2 million user records[25]
  • - 1.2 million user records[25]
  • StarTribune - 1 million user records[25]
  • Dave.com - 7.5 million users[26]
  • - 2.4 million user records[27]
  • - 1.3 million user records[27]
  • - 20 million user records[28]
  • - 475,000 user records[28]
  • - 127,000 user records[28]
  • - 25.8 million user records[28]
  • - 444,000 user records[27]
  • Promo.com - 22 million user records[29]
  • - 3 million user records[28]
  • - 5.8 million user records[27]
  • Swvl - 4 million user records[28]
  • - Unknown[30]
  • - 602,000 user records[27]
  • - 4.8 million user records[27]
  • - 5.8 million user records[27]
  • - 6 million user records[28]
  • - 1.2 million user records[28]
  • Unacademy - 22 million user records[31][32]
  • Aditya Birla Fashion and Retail - 5.4 million user records[28]
  • In August 2020, ShinyHunters hacked Hack Forums with a defacement message, using a Pokemon image and music.[33]

Lawsuits

The ShinyHunters group is under investigation by the FBI, the Indonesian police, and the Indian police for the Tokopedia breach. Tokopedia's CEO and founder also confirmed this claim via a statement on Twitter.[34][35]

Minted has reported the group's hack to US federal law enforcement authorities; the investigation is still in its early stages.[36]

Administrative documents from California also reveal how ShinyHunters' hack has led to Wishbone's maker facing a class-action lawsuit.[37]

Animal Jam has also stated that they are preparing to report ShinyHunters to the FBI Cyber Task Force and notify all affected emails. They have also created a 'Data Breach Alert' on their site to answer questions related to the breach.[38]

BigBasket has filed a First Information Report (FIR) on November 6, 2020, to the Bengaluru Police to investigate the incident.[39]

Dave also initiated an investigation against the group for the company's security breach. The investigation is ongoing and the company is coordinating with local law enforcement and the FBI.[40]

Wattpad stated that they reported the incident to law enforcement and engaged third-party security experts to assist them in an investigation.[41]

References

  1. ^ a b "ShinyHunters Is a Hacking Group on a Data Breach Spree". Wired. ISSN 1059-1028. Retrieved 2021-01-25.
  2. ^ Cimpanu, Catalin. "A hacker group is selling more than 73 million user records on the dark web". ZDNet. Retrieved 2021-01-25.
  3. ^ https://twitter.com/sh_corp
  4. ^ https://www.optiv.com/sites/default/files/2020-08/TL_2020-CTIE-Report_Whitepaper.pdf
  5. ^ Cimpanu, Catalin. "Hacker leaks 40 million user records from popular Wishbone app". ZDNet. Retrieved 2021-01-25.
  6. ^ "Microsoft's GitHub account breached by threat actors Shiny Hunters". TechGenix. May 21, 2020.
  7. ^ "'Shiny Hunters' bursts onto dark web scene following spate of breaches". SC Media. May 8, 2020.
  8. ^ "Microsoft's GitHub account hacked, private repositories stolen". BleepingComputer.
  9. ^ Deschamps, Tara (2020-07-21). "Wattpad storytelling platform says hackers had access to user email addresses". CTVNews. Retrieved 2021-01-25.
  10. ^ "Wattpad warns of data breach that stole user info | CBC News". CBC. Retrieved 2021-01-25.
  11. ^ "Wattpad data breach exposes account info for millions of users". BleepingComputer. Retrieved 2021-01-25.
  12. ^ "ShinyHunters hacked Pluto TV service, 3.2M accounts exposed". Security Affairs. 2020-11-15. Retrieved 2021-01-25.
  13. ^ "3 Million Pluto TV Users' Data Was Hacked, But the Company Isn't Telling Them". www.vice.com. Retrieved 2021-01-25.
  14. ^ "Animal Jam was hacked, and data stolen; here's what parents need to know". TechCrunch. Retrieved 2021-01-25.
  15. ^ "Animal Jam kids' virtual world hit by data breach, impacts 46M accounts". BleepingComputer. Retrieved 2021-01-25.
  16. ^ "ShinyHunters hacker leaks 5.22GB worth of Mashable.com database".
  17. ^ Service, Tribune News. "Hacker leaks 1.9 million user records of photo editing app Pixlr". Tribuneindia News Service. Retrieved 2021-01-25.
  18. ^ "Hacker leaks full database of 77 million Nitro PDF user records". BleepingComputer. Retrieved 2021-01-25.
  19. ^ "Bonobos clothing store suffers a data breach, hacker leaks 70GB database". BleepingComputer. Retrieved 2021-01-25.
  20. ^ "Bonobos clothing store suffers a data breach, hacker leaks 70GB database". RestorePrivacy. Retrieved 2022-01-11.
  21. ^ Soni, Jitendra (11 May 2020). "ShinyHunters leak millions of user details". TechRadar. Retrieved 2021-01-25.
  22. ^ Fearn, Nicholas (29 July 2020). "386 million user records stolen in data breaches — and they're being given away for free". Tom's Guide. Retrieved 2021-01-25.
  23. ^ ""Shiny Hunters" Hacker Group Keep 73 Mn User Records on Darknet". CISO MAG | Cyber Security Magazine. 2020-05-11. Retrieved 2021-01-25.
  24. ^ "Amazon, Swiggy's payment processor hit by data breach". The Times of India. Retrieved 2021-01-05.
  25. ^ a b c d e f g h i j Cimpanu, Catalin. "A hacker group is selling more than 73 million user records on the dark web". ZDNet.
  26. ^ "ShinyHunters Offers Stolen Data on Dark Web". Dark Reading. 28 July 2020. Retrieved 2021-01-25.
  27. ^ a b c d e f g "ShinyHunters Offers Stolen Data on Dark Web". Dark Reading. 28 July 2020.
  28. ^ a b c d e f g h i "ShinyHunters leaked over 386 million user records from 18 companies". Security Affairs. July 28, 2020.
  29. ^ "Promo.com data breach impacts 23 million content creators". The Daily Swig | Cybersecurity news and views. July 28, 2020.
  30. ^ Taylor, Charlie. "Irish start-up Glofox investigates possible data breach". The Irish Times. Retrieved 2021-01-25.
  31. ^ "Shiny Hunters Group Selling Data Stolen From 11 Different Companies".
  32. ^ "Shiny Hunters hackers try to sell a host of user records from breaches". MalwareTips Community.
  33. ^ "Archived copy". hackforums.net. Archived from the original on 29 August 2020. Retrieved 15 January 2022.
  34. ^ "Who are Shiny Hunters?". AndroidRookies. May 21, 2020.
  35. ^ https://twitter.com/UnderTheBreach/status/1260518239362338816
  36. ^ "Minted confirms data breach as Shiny Hunters sell its database".
  37. ^ "Wishbone App Maker Mammoth Media Hit with Class Action Over Data Breach Affecting 40 Million Users". www.classaction.org.
  38. ^ "Animal Jam kids' virtual world hit by data breach, impacts 46M accounts". BleepingComputer.
  39. ^ "BIGBASKET, INDIA'S LEADING ONLINE SUPERMARKET SHOPPING, ALLEGEDLY BREACHED. PERSONAL DETAILS OF OVER 20 MILLION PEOPLE SOLD IN DARKWEB | Cyble". cybleinc.com. 7 November 2020.
  40. ^ "Security incident at Dave". A Banking Blog for Humans. July 25, 2020.
  41. ^ "FAQs on the Recent Wattpad Security Incident". Help Center.