- ShinyHunters threatens ZenBusiness with a deadline to leak stolen data
- The group likely gained access to internal company files via vishing and platform compromise
- ZenBusiness joins a long list of ShinyHunters victims, including Infinite Campus, Telus and Crunchyroll
The notorious ShinyHunters ransomware actors have given ZenBusiness a “final warning” before leaking terabytes of stolen data.
Cyber news reported ShinyHunters added ZenBusiness to its data leak page and gave a March 25 deadline to receive a ransom payment or leak data and create “several annoying (digital) problems” for the company.
ZenBusiness is a US-based platform that helps entrepreneurs start and run small businesses, offering LLC formation, compliance and back-office tools. Its customers are freelancers, startups and small business owners, and it generates an estimated $75 million in annual revenue.
The article continues below
Dull the competitive blade
In the last year, ShinyHunters has been an incredibly active threat actor. Security researchers said the group often engages in vishing (voice phishing), calling employees at target companies and impersonating IT security personnel.
In these calls, they ask for remote access to their target’s devices to “fix a problem” or sort out a 2FA issue.
After gaining access, they often gain access to various platforms such as Salesforce or Snowflake, through which they are able to exfiltrate sensitive data and then extort money from the victims. While neither side confirmed the nature of the stolen data, security researchers from Cyber news said the files were “likely internal company data.”
“The Hackers […] could potentially reveal customer or employee information such as PII, the type of companies that were created with the platform,” the researchers said in a press release shared with TechRadar Pro.” The breach may also reveal internal company activities, which could reduce ZenBusiness’s competitive advantage.”
ZenBusiness is just the next in a long line of ShinyHunters victims. Just two days ago, it was reported that 11 million people were affected after the group stole files from Infinite Campus, and before that, Telus Digital, Wynn Resorts, Crunchyroll and many others.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
