Home / Technology / ShinyHunters: New vishing attacks hit major US companies
ShinyHunters: New vishing attacks hit major US companies
29 Jan
Summary
- ShinyHunters group claims responsibility for cyberattacks.
- Vishing techniques used to compromise credentials and access systems.
- Bumble, Panera Bread, Match, and CrunchBase reported incidents.
A cybercrime group known as ShinyHunters has claimed responsibility for a series of cyberattacks targeting prominent US companies. The affected organizations include Bumble Inc., Panera Bread Co., Match Group Inc., and CrunchBase Inc. These attacks are part of a broader social engineering campaign that cybersecurity experts are warning about.
The ShinyHunters group has reportedly employed sophisticated "vishing" techniques, a form of social engineering over voice calls, to trick individuals into revealing credentials. This allowed them to gain remote access to company systems and potentially steal sensitive data. Mandiant, a cybersecurity firm, noted that hackers often pivot to software-as-a-service environments after initial access.
Bumble confirmed that a contractor's account was compromised, leading to brief unauthorized access to a small network segment, but assured that core user data remained secure. Panera Bread and Match Group also reported cybersecurity incidents involving contact information and limited user data, respectively, and have alerted law enforcement. CrunchBase indicated that corporate network documents were affected.
