FlagThis
← All Threat Actors
Threat Actor Profile
SHADOW-AETHER-015
No known aliases in database
⚠ Critical Threat
Instructure Canvas Breach, Oracle PeopleSoft Zero-Day Exploitation, 0ktapus Identity Abuse
Origin
—
Sponsor
criminal organization
Motivation
financial gain through data theft, ransomware, and multi-pressure extortion
Target Sectors
Education (Universities, K-12, Teaching Hospitals)
Identity and Access Management (IAM) Systems (e.g., Okta, Azure AD/Entra ID)
Cloud Infrastructure
Oracle Enterprise Software (PeopleSoft/E-Business Suite)
Known TTPs
Vishing
Help-desk impersonation
MFA fatigue
Token theft
Credential harvesting
Zero-day exploitation
Cloud lateral movement
Multi-pressure extortion
External Resources
CISA Advisories ↗
Related Intelligence
Hacking the mainframe…
No related stories found in the intelligence database.
SHARE INTELLIGENCE WIRE
×
Story Title
X / Twitter
Bluesky
LinkedIn
Copy Link
LINK COPIED TO CLIPBOARD