- ShinyHunters threatens ZenBusiness with a deadline to leak stolen data
- The group likely accessed internal company files through vishing and platform compromise
- ZenBusiness joins the long list of ShinyHunters victims, including Infinite Campus, Telus, and Crunchyroll.
The infamous ShinyHunters ransomware actors have given ZenBusiness a “final warning” before leaking terabytes of stolen data.
cyber news reported that ShinyHunters added ZenBusiness to its data leak site and gave a deadline of March 25 to receive a ransom payment or leak data and create “several annoying (digital) problems” for the company.
ZenBusiness is a US-based platform that helps entrepreneurs launch and manage small businesses by offering LLC formation, compliance, and administrative tools. Its clients are freelancers, startups and small business owners, and it generates an estimated annual revenue of $75 million.
Article continues below.
Weakening the competitive sword
Over the past year, ShinyHunters has been an incredibly active threat actor. Security researchers said the group often engages in vishing (voice phishing), calling employees of targeted companies and posing as IT security personnel.
In these calls, they request remote access to their targets’ devices to “troubleshoot” or fix a 2FA issue.
After they are granted access, they often access different platforms such as Salesforce or Snowflake, through which they can exfiltrate sensitive data and then extort money from victims. While neither party confirmed the nature of the stolen data, security researchers at cyber news He said the files were “probably internal company data.”
“The hackers […] could potentially reveal customer or employee information, such as PII, the type of businesses that were created with the platform,” the researchers said in a press release shared with TechRadar Pro.” The breach could also expose the company’s internal operations, which may reduce ZenBusiness’ competitive advantage.”
ZenBusiness is just the next in a long line of ShinyHunters victims. Just two days ago, it was reported that 11 million people were affected after the group stole files from Infinite Campus, and before that it was Telus Digital, Wynn Resorts, Crunchyroll, and many others.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
