ShinyHunters · The New APT Model.
Up next
Author
Share article
The post has been shared by 0 people.
Facebook 0
X (Twitter) 0
Pinterest 0
Mail 0

📊 Full opportunity report: ShinyHunters · The New APT Model. on ThorstenMeyerAI.com — validation score, market gap, and execution plan.

TL;DR

ShinyHunters has transitioned from a database theft group to a sophisticated, AI-enabled collective operating as a distributed APT. This new model scales rapidly, shifting the threat landscape for enterprises. The development signals a need for updated security strategies.

ShinyHunters has transformed from a database theft collective into a distributed, AI-enabled operational model that now functions as a threat actor network, significantly scaling its impact and complexity. This evolution, confirmed through recent breach campaigns, signals a change in enterprise threat dynamics and security challenges.

Since its emergence in 2020, ShinyHunters has grown into a complex threat entity, breaching over 400 organizations, including high-profile targets like Snowflake, Salesforce, and educational institutions. Initially focused on opportunistic database theft, the group transitioned through several operational eras, adopting credential stuffing, SaaS abuse, and now AI-driven tactics.

Recent campaigns, including the breach of Vercel and ongoing extortion efforts against educational platforms like Canvas, demonstrate the group’s new operational capabilities. These campaigns leverage AI-enabled voice phishing and automated attack chains, enabling rapid scaling and targeting at an increased level.

Unlike traditional nation-state APTs, ShinyHunters operates as a collective, functioning as a brand with affiliate revenue sharing, crowd-sourced victim pressure campaigns, and a tiered monetization model that includes direct extortion and bulk data sales. This model has been described by cybersecurity experts as a new class of threat actor, blurring the lines between criminal gangs and state actors.

ShinyHunters · The New APT Model.
DISPATCH / MAY 2026 SECURITY · SHINYHUNTERS · THE NEW APT MODEL · PART 5
▲ Part 5 · Security New APT Model · May 2026
Software Security · Part 5 · ShinyHunters · The New APT Model

ShinyHunters.
The new APT model.

Extortion-as-a-Service operating as a brand and a collective. AI-enabled vishing as primary access vector. 400+ organizations breached since 2020.

The criminal operational model has been redesigned. Not a hierarchical organization. A brand within “The Com” with affiliated clusters, 25-30% affiliate revenue share, multi-stream business model spanning direct extortion ($65M Telus demand), bulk data sales ($1M per company), BreachForums administration, and crowd-sourced pressure. AI voice cloning crossed the indistinguishable threshold. The defensive frameworks have not yet caught up.

Thorsten Meyer / ThorstenMeyerAI.com / May 2026 · Part 5
▲ The central editorial finding
The traditional APT framework has been replaced as the dominant enterprise threat by something operationally different. A brand. A collective. An affiliate program. An AI-enabled capability stack. The defenders’ threat models need to update.
— software security · the new APT model · part 5 · may 2026
400+
Organizations breached · 2020-2026 cumulative
Snowflake · Salesforce · Vercel · Canvas · 100+ named victims
$65M
Telus ransom demand · March 2026 · 1+ PB stolen
FBI background data · CDRs · source code · Salesforce data
25-30%
EaaS affiliate revenue share · operational model
Multi-stream: direct extortion + sales + admin + EaaS
<1hr
Cordial Spider · initial compromise → exfiltration
Sub-1-hr exfiltration · faster than human SOC triage
5 OPERATIONAL ERAS 2020-2022 DATABASE THEFT → 2023-2024 CREDENTIAL STUFFING → 2024-2025 OAUTH SUPPLY CHAIN → 2025-2026 AI VISHING → 2026 PRODUCTIVITY-TOOL CASCADE 760+ COMPANIES RELIAQUEST / COMPUTER WEEKLY · LATE 2025 – 2026 SHINYHUNTERS CAMPAIGN · MOST IMPACTFUL VISHING EVER THE COM SHINYHUNTERS + SCATTERED SPIDER + LAPSUS$ + CORDIAL SPIDER + SNARKY SPIDER + COINBASECARTEL VOICE CLONING VALL-E · 3 SECONDS OF AUDIO SUFFICIENT · FORTUNE 2026: “INDISTINGUISHABLE THRESHOLD” · BIOMETRICS BYPASSED SHINYSP1D3R CHACHA20+RSA-2048 WIN · AES-256 ESXI · RANSOMWARE PLATFORM UNDER DEV · ESCALATION OPTION READY DEFENSIVE PRIORITIES PHISHING-RESISTANT MFA · HELPDESK HARDENING · SAAS OBSERVABILITY · AI-AUGMENTED SOC 5 OPERATIONAL ERAS 2020-2022 DATABASE THEFT → 2023-2024 CREDENTIAL STUFFING → 2024-2025 OAUTH SUPPLY CHAIN
Operational evolution · capability progression

Five eras. Each adds capability the previous era couldn’t execute.

From database theft on forums (2020) to AI-vishing-driven SaaS cascade (2026). Each era preserves prior capabilities while adding new ones. The current ShinyHunters operational stack spans all five.

Five operational eras · 2020-2026 ShinyHunters capability progression
Each era’s signature campaign demonstrated capability that became part of the permanent operational stack.
Era 01 2020-22 Bulk theft
Database theft + forum monetization
Find SQL injection or exposed servers · exfiltrate data · sell on forums. Tokopedia 91M · Wishbone 40M · Wattpad 270M · Microsoft GitHub repos. Forum sales at tens of thousands per dataset. Arrests 2022-2025 across 5 countries; operations continued.
SIGNATURETokopedia91M records
Era 02 2023-24 Cred stuffing
Credential stuffing at cloud scale
Stolen credentials + weak/absent MFA = mass enterprise cloud access. ~165 Snowflake customers compromised. Verified victims: AT&T (109M records), Ticketmaster (560M), Santander, Advance Auto Parts. Economic model shift: per-database sales → multi-million extortion per company.
SIGNATURESnowflake165 customers · 2024
Era 03 2024-25 OAuth supply
OAuth supply chain + SaaS integration abuse
Compromise third-party SaaS vendor → extract OAuth tokens → mass query customer environments. Drift/Salesloft Aug 2025 cascade. 1.5B records. 70+ lawsuits. FBI advisory CSA-2025-250912. Attempted to extort Salesforce itself. Cloudflare, Google, PagerDuty, Palo Alto, Proofpoint, Zscaler verified victims.
SIGNATUREDrift/Salesloft700+ orgs · 1.5B records
Era 04 2025-26 AI vishing
AI-enabled vishing + SSO compromise at scale
AI voice cloning + conversational agents + victim-branded credential harvesting + real-time MFA interception. Mandiant tracks UNC6661/UNC6671/UNC6240/UNC6395. 760+ companies in late-2025-into-2026 campaign. The capability that makes industrial scale possible.
SIGNATURE760+ companiesReliaQuest tracking
Era 05 2026 Current
Third-party supply chain cascade + AI-productivity-tool abuse
Compromised AI productivity tools cascade through OAuth grants to enterprise data. Vercel/Context.ai Apr 19 ($2M BreachForums). Anodot chain → Vimeo, Rockstar Games, Zara/Inditex. Canvas/Instructure ongoing through May 12: 275M records · 8,800+ institutions · finals-week portal defacement.
SIGNATURECanvas/Instructure275M records · ~9,000 schools
Organizational anatomy · why traditional APT frameworks miss this
AI Voice Recorder with Playback, Digital Voice Recorder with Unlimited Transcription, Summary, Translation, 80GB Voice to Text Meeting Recorder and Transcriber, AI Recorder for Lectures, Interviews

AI Voice Recorder with Playback, Digital Voice Recorder with Unlimited Transcription, Summary, Translation, 80GB Voice to Text Meeting Recorder and Transcriber, AI Recorder for Lectures, Interviews

【Real-Time Voice-to-Text】The HUREWA AI voice recorder features advanced free voice-to-text (no time limit), supporting 13 major languages. Users…

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Not a gang. A brand operating a collective.

Traditional threat intelligence describes APT groups in terms of attribution to specific named organizations. ShinyHunters doesn’t fit that framework. A criminal brand within “The Com” alongside Scattered Spider, LAPSUS$, Cordial Spider, Snarky Spider, CoinbaseCartel.

Three organizational properties · brand · collective · affiliate
Each property is structurally different from the traditional APT model. Together they produce an operational architecture that scales through the criminal economy.
▲ Property 01
A brand
Not a hierarchical organization. Multiple threat clusters operating under ShinyHunters branding. Mandiant tracks UNC6661/UNC6671/UNC6240/UNC6395. Attribution is structurally probabilistic, not deterministic. Branding is situational across operations.
4+ threat clusters under one brand
▲ Property 02
Within The Com
A loosely affiliated cybercriminal community of English-speakers including Scattered Spider, LAPSUS$, Cordial Spider, Snarky Spider, CoinbaseCartel. Members rotate, collaborate, fork. “Who ShinyHunters is” is not a stable answer. Defensive infrastructure focused on individuals misses the playbook.
6+ active clusters within The Com
▲ Property 03
An affiliate program
Formal Extortion-as-a-Service operation with 25-30% affiliate revenue share. Mirrors RaaS economics but applied to extortion-without-encryption. Removes operational complexity of ransomware deployment while maintaining extortion leverage. ShinySp1d3r ransomware platform under dev as escalation option.
25-30% affiliate revenue share

The actual operational threat is the playbook itself — vishing → SSO compromise → SaaS exfiltration → extortion — replicated across dozens of clusters within The Com. Defending against ShinyHunters specifically is the wrong threat model. Defending against the playbook is the right one.

AI vishing capability stack · why scale is now operational
Microsoft Sentinel Security Operations: Build Real SOC Skills in Threat Detection, KQL Querying, and Security Automation for Cybersecurity

Microsoft Sentinel Security Operations: Build Real SOC Skills in Threat Detection, KQL Querying, and Security Automation for Cybersecurity

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Voice cloning crossed the indistinguishable threshold.

The technical innovation enabling industrial-scale operations. 3 seconds of audio is sufficient. Voice biometrics are bypassed. Sub-1-hour compromise-to-exfiltration. IT helpdesks are the primary attack surface.

Five capability layers · industrialized AI vishing operation
Each layer is built on commercially available AI capability. Together they enable thousands of calls per day with conversational quality indistinguishable from real IT staff.
01Voice
Voice cloning models
VALL-E and similar models · 3 seconds of audio sufficient · public sources: LinkedIn videos, conference recordings, podcasts, executive interviews. Voice biometrics bypassed per Nature Machine Intelligence.
3 secaudio sufficient
02Convo
Conversational AI agents
LLMs trained on customer service interactions · respond to questions, handle pushback, adapt to user behavior in real time. Static voice clone + dynamic conversation = operationally useful agent.
1,000+calls/day at retailers
03Recon
Reconnaissance automation
AI scraping of company directories, LinkedIn, social media, leaked breach data. Each call references the employee’s manager, current projects, recent acquisitions, internal terminology. All from publicly available reconnaissance.
82.6%phishing AI-generated
04MFA
Real-time MFA interception
Vishing-driven SSO phishing pages capture authentication tokens in real time. Victim-branded credential harvesting sites with Tucows-registered domains. Custom phishing kits with scripts controlling authentication flow in victim’s browser.
<1 hrcompromise→exfil
05Multi
Multi-vector coordination
Email phishing + SMS smishing + voice vishing in coordinated sequences. Email primes target → SMS adds urgency → vishing call closes the loop with verbal authorization request. 3.4 billion phishing emails per day globally.
3.4Bphishing emails/day

The IT helpdesk is the primary attack surface because helpdesks exist to help. Their service-oriented design makes them inherently vulnerable to social engineering. Hardening requires removing helpfulness from the trust model. Mandatory video verification. Multi-person approval. Dedicated security channels.

Multi-revenue-stream business model · the EaaS architecture
Fortinet FortiGuard 1 Year Advanced Threat Protection for FortiGate-60F (FC-10-0060F-928-02-12) | IPS, Advanced Malware Protection Service, App. Control, and FortiCare Premium

Fortinet FortiGuard 1 Year Advanced Threat Protection for FortiGate-60F (FC-10-0060F-928-02-12) | IPS, Advanced Malware Protection Service, App. Control, and FortiCare Premium

FortiGuard 1 Year Advanced Threat Protection for FortiGate-60F (FC-10-0060F-928-02-12)

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Four revenue streams. A platform business.

ShinyHunters operates a multi-stream business model with revenue from direct extortion, bulk data sales, BreachForums administration, and affiliate revenue share. Structurally similar to legitimate platform economics, applied to extortion-without-encryption.

Four revenue streams · the EaaS business model
The structural innovation: applied platform economics to criminal extortion. Affiliates plug into infrastructure; ShinyHunters operates the platform; revenue share aligns incentives.
▲ STREAM 01
Direct extortion
$500K-$65Mper company
Payment from compromised orgs to not publish data. Telus $65M demand · typical range $500K-$10M. “Pay or leak” model — no decryption keys needed.
▲ STREAM 02
Bulk data sales
$1Mper company premium
Stolen datasets sold to ransomware affiliates and other criminal actors. EclecticIQ: ShinyCorp persona communicates via Telegram and qTox. Airline data at $1M per company.
▲ STREAM 03
BreachForums administration
Revenuefrom marketplace ops
Operating the cybercrime marketplace that hosts both ShinyHunters’ own data and third-party criminal data. Platform economics applied to criminal infrastructure.
▲ STREAM 04
EaaS affiliate revenue
25-30%affiliate share
Affiliates access ShinyHunters infrastructure in exchange for revenue share on successful extortions. Mirrors RaaS economics. Scales operations without scaling headcount.
New defensive framework · identity-centric posture
Incident Response Analyst Call Humor Soc Cybersecurity T-Shirt

Incident Response Analyst Call Humor Soc Cybersecurity T-Shirt

For the infosec professional who lives by zero trust, ethical hacking and incident response at 3am. Always On…

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Defending against the playbook, not the actor.

Enterprise security needs to operate at AI-vs-AI speed against AI-enabled adversaries. Identity infrastructure hardening is the primary defense layer — not network perimeter, not endpoint detection. Structural shift from the 2010s defensive posture.

Five defensive priorities · identity-centric architecture
Each represents a structural shift from network-centric defense. Highest-leverage first.
▲ PRIORITY 01
HIGHEST LEVERAGE
Phishing-resistant MFA · everywhere.
FIDO2 security keys, passkeys, Windows Hello. Resist vishing-driven MFA bypass that current ShinyHunters operations rely on. SMS-based and push-based MFA are no longer adequate. Mandiant’s January 2026 guidance explicitly recommends transition.
▲ PRIORITY 02
HELPDESK HARDENING
Remove helpfulness from the trust model.
Live video verification for password and MFA resets. Multi-person approval for high-privilege identity changes. Dedicated authentication change channels. Mandatory ticketing for all authentication operations. Most enterprises have not implemented these controls.
▲ PRIORITY 03
SAAS OBSERVABILITY
Visibility into identity + SaaS activity.
Okta + Entra ID audit logs into SIEM. SharePoint/OneDrive download events. Salesforce SOQL query volume. UserAgent capture for PowerShell-based access. Without visibility, detection is structurally impossible.
▲ PRIORITY 04
WORKFORCE AWARENESS
Train workforce on AI vishing specifically.
Any incoming call requesting authentication changes is a security event regardless of who the caller claims to be. Voice familiarity is no longer authentication — AI cloning indistinguishable from real. Time pressure is an attacker tactic. Hangup, call back via known internal phone tree, verify through ticketing.
▲ PRIORITY 05
IR READINESS
Build extortion playbooks · not just ransomware.
Most enterprises have ransomware playbooks but not extortion-without-encryption playbooks. Different decision tree on payment (no decryption keys to recover). Different regulatory landscape. Crowd-sourced pressure response · public-affairs strategy · affected-party notification.

The traditional APT framework has been replaced. ShinyHunters is the canonical example of the new model — a brand, a collective, an affiliate program, an AI-enabled capability stack, a multi-revenue-stream business operation. The defenders’ threat models need to update.

— Software security · the new APT model · Part 5 · May 2026
Source dossier · the receipts
  • 732 Bytes to Root · the cost-curve collapse · Part 1
  • The 90-Day Window Closed · the disclosure collapse · Part 2
  • The Defender’s Counter-Cascade · the deployment gap · Part 3
  • The OAuth Permission Apocalypse · “Allow All” is the new SQL injection · Part 4
  • Halcyon · ShinyHunters threat actor profile · operational structure and EaaS affiliate model
  • Halcyon · Education Sector in the Crosshairs: ShinyHunters’ Extortion Campaign Against Instructure · May 2026
  • Google Cloud Threat Intelligence Group · Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft · Jan 2026
  • Google Cloud Threat Intelligence Group · Proactive Defense Against ShinyHunters-Branded Data Theft Targeting SaaS
  • Mandiant · UNC6661 / UNC6671 / UNC6240 / UNC6395 cluster designations
  • EclecticIQ · ShinyHunters Calling: Financially Motivated Data Extortion Group Targeting Enterprise Cloud Applications
  • Push Security · How three techniques are behind ShinyHunters’ 2026 campaigns · May 2026
  • SecurityWeek · ShinyHunters-Branded Extortion Activity Expands, Escalates · Feb 2026
  • MayhemCode · ShinyHunters Hacking Group Explained: 400 Companies Breached and Still Counting
  • ReliaQuest / Computer Weekly · 760+ target organizations · late-2025-into-2026 campaign
  • CrowdStrike · Cordial Spider · sub-1-hour compromise-to-exfiltration
  • Microsoft VALL-E research · 3-second voice cloning sufficient
  • Fortune 2026 deepfake outlook · “indistinguishable threshold”
  • FBI PSA250515 · May 2025 AI-generated voice impersonation warning
  • Group-IB · The Anatomy of a Deepfake Voice Phishing Attack · Aug 2025
  • Vectra AI · How Vishing Works and How to Stop It
  • KnowBe4 / SlashNext · 82.6% of phishing emails contain AI-generated content
  • Hoxhunt · 40% of BEC emails primarily AI-generated
  • FBI Cybersecurity Advisory CSA-2025-250912 · UNC6395 targeting Salesforce
  • Snowflake 2024 campaign · 165 customer environments · AT&T, Ticketmaster, Santander
  • ShinySp1d3r ransomware platform · ChaCha20+RSA-2048 Win / AES-256 ESXi · early 2026 status
Colophon · Part 5

Set in Source Serif 4, IBM Plex Sans, & IBM Plex Mono. Security-advisory aesthetic. Free to embed with attribution.

thorstenmeyerai.com

Software security · the new APT model · Part 5 of 5 · May 2026

400+ orgs · $65M · 25-30% · <1 hr

Implications of ShinyHunters’ Operational Shift for Enterprise Security

This new model introduces a different operational approach that allows for scalable, AI-driven attacks that can bypass some traditional defenses. Enterprises need to consider the decentralized and affiliate-based nature of such threat actors, which may require adaptations in detection and response strategies.

Evolution of ShinyHunters’ Operational Capabilities

ShinyHunters’ operational history spans five distinct eras, from opportunistic database exfiltration to credential stuffing, SaaS abuse, and now AI-enabled attacks. The group’s recent activities highlight a strategic shift towards automation, AI utilization, and a collective operational structure that extends beyond traditional cybercriminal models.

The recent breaches in April and May 2026 exemplify this evolution. The Vercel cascade involved AI-powered productivity tool exploitation, while the ongoing Canvas campaign targets educational institutions with large data breaches, demonstrating the group’s ability to adapt and scale quickly.

Experts note that these developments mark a departure from the classic nation-state APT model, emphasizing the importance of understanding the operational and economic architecture behind these threat actors.

“ShinyHunters now operates as a distributed collective with an AI-enabled capability stack, fundamentally changing the threat actor landscape.”

— Thorsten Meyer

Uncertainties Surrounding ShinyHunters’ Future Operations

While recent campaigns confirm the group’s operational capabilities, it remains uncertain how sustainable or centralized the collective structure is long-term. The full extent of AI integration and the potential for further expansion into new attack vectors are still being observed and analyzed.

Next Steps in Monitoring ShinyHunters’ Activity

Security researchers and organizations should anticipate continued campaigns leveraging AI and affiliate networks. Monitoring for new breach patterns, AI-enabled phishing, and rapid scaling tactics will be important. Further disclosures or operational shifts may emerge as law enforcement and cybersecurity teams analyze ongoing activities.

Key Questions

How does ShinyHunters’ new model differ from traditional cybercriminal groups?

It operates as a distributed collective with a formal affiliate program, uses AI-enabled attack methods, and has a scalable monetization architecture, unlike traditional, more centralized criminal groups.

What are the primary attack vectors used by ShinyHunters now?

AI-enabled voice phishing, credential stuffing, SaaS supply chain abuse, and automated exploitation of cloud misconfigurations are key tactics in their current operations.

Why do security frameworks struggle to defend against this new model?

Because the threat actor is decentralized, automated, and continuously evolving, traditional perimeter defenses and signature-based detection are less effective against their scalable, AI-driven campaigns.

What should organizations do to defend against this evolving threat?

Adopt AI-aware detection tools, strengthen cloud security configurations, implement multi-factor authentication, and monitor for anomalous activity indicative of automated attack chains.

Source: ThorstenMeyerAI.com

This content is for general information only and is not financial, tax or legal advice. Consult a qualified professional for decisions about your money.
You May Also Like
despite enhanced security measures

Why Multi-Factor Authentication Still Fails Sometimes

Why Multi-Factor Authentication Still Fails Sometimes: uncover the hidden vulnerabilities and learn how to better protect yourself from evolving cyber threats.
budget friendly home security options

How to Choose a Home Office Security Camera System Without Overspending

Navigating affordable home office security cameras requires balancing key features and budget, so discover how to make the smartest choice without overspending.
vulnerable student identity theft

Why College Students Are Easy Targets for Identity Fraud

Discover why college students are easy targets for identity fraud and learn essential tips to protect yourself from scams and cyber threats.
secure convenient mail delivery

Why a Locking Mailbox Is a Bigger Upgrade Than It Sounds

A locking mailbox offers more than just keeping your mail safe; it…