'This is a final warning': Hackers say they'll leak "several terabytes" of ZenBusiness data

News
By published

ShinyHunters are urging ZenBusiness to pay the ransom demand

Neon letters spelling RANSOMWARE set against a dark background with red and blue circuitry
(Image credit: Getty Images)
  • ShinyHunters threaten ZenBusiness with deadline to leak stolen data
  • Group likely accessed internal company files via vishing and platform compromise
  • ZenBusiness joins long list of ShinyHunters victims, including Infinite Campus, Telus, and Crunchyroll

The infamous ShinyHunters ransomware actors have given ZenBusiness one “final warning” before leaking terabytes of stolen data.

Cybernews reported ShinyHunters added ZenBusiness to its data leak site and gave a deadline of March 25 to receive a ransom payment or leak data and create “several annoying (digital) problems” for the company.

ZenBusiness is a US-based platform that helps entrepreneurs launch and run small businesses, offering LLC formation, compliance, and back-office tools. Its customers are freelancers, startups, and small business owners, and it generates an estimated $75 million in annual revenue.

Article continues below

Dulling the competitive blade

For the past year, ShinyHunters have been an incredibly active threat actor. Security researchers said the group often engages in vishing (voice phishing), calling employees at target companies and posing as IT security staff.

In these calls, they are asking for remote access to their targets’ devices, in order to “fix a problem” or sort a 2FA issue.

After being granted the access, they often access different platforms such as Salesforce or Snowflake, through which they are able to exfiltrate sensitive data and then extort the victims for money. While neither side confirmed the nature of the data stolen, security researchers from Cybernews said the files were “probably internal company data.”

“The hackers [...] could potentially reveal customer or employee information such as PII, the type of businesses that were set up with the platform,” the researchers said in a press release shared with TechRadar Pro.” The breach could expose internal company operations as well, which can reduce ZenBusiness’s competitive advantage.”

ZenBusiness is just the next in a long line of ShinyHunters victims. Just two days ago, it was reported that 11 million people were affected after the group stole files from Infinite Campus, and before that it was Telus Digital, Wynn Resorts, Crunchyroll, and many others.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.