- Google has confirmed the suffering of a data violation
- The attack was led by Shinyhuters, once again
- The group has apparently slipped into a dirty body
Cybercriminals known as Shinyhuters (UNC6040) have recently burst into Google and have stolen information on commercial customers from one of its company Salesforce bodies, the company confirmed.
In a blog article decomposing the Modus Operandi of Shinyhunters, the company has somewhat played the importance of the incident, noting that the disbelievers have really seized anything or a particular value.
“In June, one of the Salesforce de Google bodies was affected by a similar UNC6040 activity described in this article,” said the company, “the data recovered by the threat player has linked to basic commercial information and widely accessible to the public, such as corporate names and contact details.”
“Commercial information accessible to the public”
Shinyhuanters is a threat player who targets the company’s Salesforce bodies, usurging the identity of the company’s staff and calling for the phone.
During the call, they tell the IT technician that they lost access to their work platform and manage to convince them to change the connection identification information.
Although this may seem trivial, the technique seems to work fairly well, because several organizations have recently reported the loss of data sensitive to the same group, in the same way.
Google did not say how many companies have been affected by the violation and refused to comment more. We do not know if Shinyhuters stretched out with a ransom request in exchange for destroying stolen files.
Currently, Shinyhunters is one of the most active threats of threats, and probably among the most successful.
In recent weeks, the group has managed to enter the life of the Pandora giant and Allianz insurance, and has also taken the credit of violations in At& T, Santander, Ticketmaster and many others.
The group does not deploy an encryptor and rather focuses on data exfiltration, which makes it one of the many ransomware groups that have recently pivoted the files, an apparently expensive process that takes time.
Via Techcrunch
