ShinyHunters Cybercrime Group Expands Extortion Activities Using Advanced Vishing and SSO Exploitation

The cybercriminal group ShinyHunters is expanding its extortion operations by employing advanced techniques such as vishing (voice phishing) and harvesting connections to compromise Single Sign-On (SSO) credentials. Attackers exploit these accesses to fraudulently register devices in Multi-Factor Authentication (MFA) systems, thereby bypassing security protections. No specific date or target is mentioned. The impact includes unauthorized access to accounts protected by SSO and MFA, facilitating extortion attacks. Source: SecurityWeek.