Shiny Hunters hacker group claims to have hacked 10 companies and is currently selling user data stolen from them on the dark.
Shiny Hunters is a grouping that last week claimed responsibility for hacking Microsoft's GitHub repositories, as well as recently hacked tokopedia – The largest online store in Indonesia. So, initially, hackers leaked the data of 15,000,000 Tokopedia users for free, and later put up for sale the entire database of the company containing 91,000,000 million records, valuing it at $ 5,000.
Apparently, the profit from the sale of Tokopedia data inspired the hackers, as now the group put up another 10 companies for sale of stolen databases. Among them:
- Zoosk dating app (30 million entries);
- Chatbooks print service (15 million entries; company officially confirmed compromise);
- South Korean fashion platform SocialShare (6 million entries);
- Home Chef food delivery service (8 million records);
- Minted online store (5 million entries);
- Chronicle of Higher Education online newspaper (3 million entries);
- South Korean furniture magazine GGuMim (2 million entries);
- Mindful Medical Journal (2 million entries);
- Indonesian online store Bhinneka (1.2 million entries);
- American newspaper StarTribune (1 million entries).
The total listed databases totaled 73.2 million records, which hackers estimated at about $ 18,000, with each database sold separately. Attackers shared “samples” of some databases with potential buyers, and journalists of the publication Zdnet made sure that hackers are selling very real user data.
At the same time, the authenticity of some databases cannot yet be verified, although many representatives of the information security community, including Nightlion Security, Under the Breach, and ZeroFOX, believe that Shiny Hunters are not joking and are a very dangerous hack group.
Some also believe that Shiny Hunters might be associated with Gnosticplayers, another hacker group that works in a similar fashion, was very active last year and sold over a billion credentials on the darknet.