Google Breached by 'ShinyHunters' Hackers After Warning Others About Them

In a bizarre twist of fate, Google has fallen victim to the notorious "ShinyHunter" hacking gang - just weeks after issuing a warning about their activities.

The breach occurred when ShinyHunter's hackers accessed a Google corporate account with Salesforce, a customer relationship management service provider. However, unlike typical high-profile hacks, this incident seems to have targeted small and medium-sized businesses (SMBs) rather than everyday internet users.

"The [Salesforce] instance was used to store contact information and related notes for small and medium businesses," Google explained in a statement. "The data retrieved by the threat actor was confined to basic and largely publicly available business information, such as business names and contact details."

Fortunately, the hackers were only able to access the data during a brief window of time before their access was cut off, according to Google. However, the company has not disclosed further details about the number of affected businesses.

The Tactics Behind the Breach

The ShinyHunter gang is known for using "voice phishing" tactics, where they impersonate customer support agents to trick victims into handing over sensitive information or installing malicious software. This approach has proven particularly effective in convincing employees within English-speaking branches of multinational corporations.

In June, Google's Threat Intelligence team published a post warning about the ShinyHunters group and their voice phishing tactics. They noted that this approach had been used successfully by the group to breach networks and steal confidential data with the goal of extorting victims through ransom.

The Connection to Scattered Spider

Security researchers suspect that ShinyHunter and another hacking group, Scattered Spider, might have overlapping membership or be targeting the same industries, making attribution more challenging. Both groups focus on stealing confidential data for extortion purposes.

However, while Scattered Spider has been known to deploy ransomware after breaching a company's network, US cyber authorities report that ShinyHunter's tactics tend to be more focused on using voice phishing and other social engineering tactics to manipulate victims into handing over sensitive information.

The Importance of Vigilance

As with any cybersecurity incident, it's essential for businesses and individuals alike to remain vigilant and take steps to protect themselves. This includes implementing robust security measures, staying up-to-date with the latest threat intelligence and best practices, and being cautious when interacting with unsolicited communications or requests for sensitive information.

By staying informed and taking proactive steps to safeguard against these types of attacks, we can reduce our risk of falling victim to hacking groups like ShinyHunter and Scattered Spider.