Case Studies
We recommend that you also do your own research using a variety of resources.
Careless Whisper
Security researchers showed that delivery receipts (not read receipts) can be abused as a side-channel to infer whether a target’s device is active and to build behavioral patterns over time, without visible messages or notifications to the target.
AMOS
An attack using ChatGPT and Grok links, in which attackers tricked AI chatbots into generating malicious step-by-step guides for common tasks, then published these deceptive conversations as Google search results.
Once a user approves these prompts, AMOS focuses on stealing high-value data such as browser sessions and credentials, macOS Keychain data, and crypto wallet information, all of which is useful for account takeover and fraud.
Atomic macOS Stealer
The Match Group breach, disclosed in late January 2026, involved the cybercrime group ShinyHunters claiming responsibility for stealing over 10 million records from platforms including Hinge, OkCupid, and Match.com.
The attack was executed through a vishing (voice phishing) campaign that compromised an employee's Okta Single Sign-On (SSO) credentials, granting access to internal systems and the mobile analytics platform AppsFlyer.
Match Group Breach
Love & Extortion
A long-running Chinese-linked threat actor operation that compromised over 8.8 million users across Google Chrome, Microsoft Edge, and Mozilla Firefox between 2019 and 2026 through malicious browser extensions. The campaign operated through three distinct but interconnected attacks: ShadyPanda, GhostPoster, and The Zoom Stealer.
Patience was key. Once the extensions were approved, they remained benign for years, accumulating millions of installs and "Verified" badges, before being remotely activated. This bypassed browser marketplace review processes entirely.
The operation demonstrates a nation-state-level capability, with dynamic, real-time data exfiltration and long-term strategic targeting of corporate intelligence.
ShadyPanda, GhostPoster, The Zoom Stealer