A U.S.-based actor specializing in exploiting API vulnerabilities and engaging in OAuth token abuse to extract sensitive data and disrupt services. Focusing on the energy, retail, and financial services sectors, they use automated systems to hijack authentication tokens and interact with services without human intervention.
