Fri. Nov 22nd, 2024
Occasional Digest - a story for you

In an online forum on the dark web, the hacker group ShinyHunters are right now spruiking what they say is 1.3 terabytes of Ticketmaster customer data.

Using the avatar of the “shiny” blue Umbreon Pokémon, the group operates much like players in the animated game.

Driven by the aim to “Catch ’em all!”, instead of hunting and collecting Pokémon characters, the cyber criminals steal and resell as much data as they can.

And ShinyHunters appear to be aiming for the high score.

The international syndicate is allegedly behind some of the most notable, high-profile breaches of vast databases in recent years. 

And now they claim to be in possession of the personal details of 560 million global Ticketmaster customers — and are hawking it for $US500,000 ($750,000).

This is what we know about what authorities have called a “remarkably devious” group. 

Data breach sprees 

When ShinyHunters emerged in 2020, the group immediately set out to make a name for themselves.

Across two weeks in May, they went on a data breach spree, claiming to have targeted more than a dozen companies, stealing over 200 million customer records.

That included about 91 million user accounts from Indonesian e-commerce company Tokopedia, and data from Microsoft’s GitHub.

In 2021, they swiped the records of more than 70 million customers at US telco AT&T.

And nearly 200,000 Pizza Hut customers in Australia had their information stolen in a cyber attack in September last year, allegedly carried out by the group.

A screenshot of the ShinyHunters profile on the dark web.
A screenshot of the ShinyHunters promoting a one-time sale of the alleged Ticketmaster data on the dark web.  

A French citizen was arrested in Morocco in 2022 for his involvement in ShinyHunters.

The now 22-year-old, Sebastien Raoult, was extradited to the US and sentenced to three years in prison earlier this year.

He was also ordered to pay more than $US5 million in restitution.

US authorities said he was involved in the group’s activities over two years and was motivated by “pure greed”.

“The lengths to which Mr Raoult and his co-conspirators went to steal personal and financial information are remarkably devious, and he played a substantial part,” Richard Collodi, Federal Bureau of Investigation (FBI) Seattle special agent, said.

hands typing on a computer keyboard.

Experts say significant data breaches are becoming all too common. (Reuters: Samantha Sais)

David Tuffley, a cybersecurity expert from Griffith University, said ShinyHunters were a well-established group who certainly aren’t shy about taking credit for their crimes.

But they communicate in highly encrypted channels and could be operating from anywhere.

“So even if one individual is apprehended, there’s still many out there,” he said. 

“Unfortunately, they are getting better organised all the time … It’s just too difficult to crack into that network.”

Hawking data on their own marketplace

ShinyHunters promoted the sale of the Ticketmaster data on a dark web forum it was known to previously operate.



Source link