駭客組織發動網路勒索行動,鎖定甲骨文軟體用戶
Hacker Group Targets Oracle Software in Cyber Extortion Campaign
Updated at: June 15, 2026 at 03:30 AM
2026年6月,網路安全領域遭受一場重大的勒索活動震撼。
In June 2026, the cybersecurity landscape was shaken by a significant extortion campaign.
駭客組織ShinyHunters (UNC6240) 發起了一次針對Oracle PeopleSoft軟體的精密攻擊。
The threat actor group known as ShinyHunters (UNC6240) launched a sophisticated attack targeting Oracle PeopleSoft software.
透過利用一個關鍵的零時差漏洞(CVE-2026-35273),該組織在無需任何認證的情況下,獲得了伺服器的遠端程式碼執行權限。
By exploiting a critical zero-day vulnerability, CVE-2026-35273, the group gained unauthorized remote code execution access to servers without needing any authentication.
此漏洞的CVSS評分高達9.8,幾近滿分,使攻擊者能在2026年5月27日至6月9日間,滲透超過100個組織。
This vulnerability, which earned a near-perfect CVSS score of 9.8, allowed attackers to infiltrate over 100 organizations between May 27 and June 9, 2026.
高等教育產業受創尤深,佔受影響實體的68%。
The higher education sector was hit particularly hard, accounting for 68% of the affected entities.
一旦進入系統,攻擊者便部署自訂的遠端管理代理程式來竊取敏感資料,例如學生資訊與財務紀錄,並威脅將其公開於網路上。
Once inside, the attackers deployed custom remote-management agents to steal sensitive data, such as student information and financial records, threatening to leak them online.
此事件標誌著網路犯罪的顯著轉變,攻擊者優先採取直接資料竊取,而非傳統的加密型勒索軟體。
This incident marks a notable shift in cybercrime, where attackers prioritize direct data theft over traditional encryption-based ransomware.
這也凸顯了供應商聚合所帶來的風險,即單一軟體漏洞可能同時影響眾多組織。
It also highlights the risks of vendor aggregation, where a single software flaw can impact numerous organizations at once.
安全研究人員在發現曝露的攻擊者基礎設施後,獲得了該組織運作的罕見洞察,其中包括腳本與指令日誌,進一步揭露了現代網路勒索者不斷演變的策略。
Security researchers later gained rare insights into the group's operations after discovering exposed attacker infrastructure, including scripts and command logs, shedding light on the evolving tactics of modern cyber extortionists.
