This report highlights a coordinated cyber extortion campaign involving ShinyHunters and Scattered Spider, targeting Salesforce and potentially expanding to financial and tech sectors. The groups are employing advanced social engineering tactics and exploiting impersonation tactics like phishing pages and VPN obfuscation. #ShinyHunters #ScatteredSpider #BreachForums #UNC6240 #Okta
Keypoints
- The cybercriminal groups are collaborating on targeted attacks, expanding their sector reach.
- New tactics include sophisticated vishing, social engineering, and impersonation of legitimate tools like Okta.
- The attack infrastructure involves phishing domains and credential harvesting pages that mimic SSO login portals.
- Financial services and technology sectors are increasingly likely targets based on domain registration trends.
- Authorities have made arrests related to BreachForums, but there are claims that some arrests may be false or mistaken.
Read More: https://thehackernews.com/2025/08/cybercrime-groups-shinyhunters.html