Ticketmaster attacker vanishes, pundits speculating arrest

The Ticketmaster perpetrators have disappeared with their accounts being deleted, which could suggest a potential arrest.

The darknet community is awash with speculation that threat actor ShinyHunters, also known as ShinyCorp, might have been arrested. ShinyHunters gained attention at the end of May due to its involvement in breaches affecting Ticketmaster and Santander Banks.

Internet users have noticed that Shiny’s Telegram account and channel, which belonged to an international cyber threat group, have been deleted.

The group is believed to have been administrating the notorious BreachForums – a marketplace for stolen data, which, according to internet users, has been offline “on both clearnet and Tor.”

Cybernews checked, and the website is indeed down at the time of writing. However, it remains unknown whether it’s for technical issues or legal action.

The “BreachForums Announcements” Telegram channel and Jacuzzi 2.0 Telegram chat, used by the illicit marketplace community, have also been deleted.

While there’s no official information yet, this might be an indicator of arrests.

Ticketmaster targeted

On May 20th, Live Nation, Ticketmaster's parent company, revealed a data breach. Santander Bank also admitted that it was affected by a cybersecurity incident. Both companies have blamed a third-party cloud data breach. However, they did not specify the vendor.

Shortly after the companies disclosed the breach, ShinyHunters posted the data of 560 million customers for sale on an illicit online marketplace.

Cybersecurity researchers at Hudson Rock linked the attack with American cloud service company Snowflake. According to Kevin Beaumont, a cybersecurity researcher, multiple organizations had their full databases taken from Snowflake.

Snowflake admitted an ex-employee account was compromised, but the company denied links to the breach that affected Ticketmaster and Santander Bank.

The FBI recently hit ShinyHunters by taking down BreachForums and allegedly arresting the site’s administrator, Baphomet. Despite the authorities' actions, the hackers reclaimed the site almost instantly.

More from Cybernews:

The rise of AI-Generated propaganda: the impact of AI and deepfakes on US elections

“Evolved Apes” NFT scammers face 40 years in prison after stealing 2.7M from investors

Apple may let users lock individual apps

QuoteWizard, another Snowflake customer, confirms breach – media

Adobe enrages then tries to soothe users with new terms update

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked