The cyber-criminal organization Scattered Lapsus$ Hunters is a group of hackers whose members also belong to other popular cyber gangs such as ShinyHunters, Scattered Spider, and Lapsus$. This cyber group teamed up and claimed responsibility for multiple high-profile data breaches, including the recent attacks on Salesforce and Google, among others. The cyber criminals claim to have stolen 1.5 billion Salesforce records belonging to 760 companies and are warning that more companies will soon find out that their info has been breached. In a farewell letter, the Scattered Lapsus$ Hunters claim that their Telegram accounts have been banned and are apparently going “dark”.
Key takeaways
- Scattered Lapsus$ Hunters is a cyber-criminal organization that is predominantly composed of three vicious criminal organizations known as ShinyHunters, Scattered Spider, and Lapsus$.
- The bad actors released a farewell public statement confirming that they’ve decided to “go dark,” with some members continuing their sinister quests while others are retiring.
- Experts and law enforcement believe the criminal organization is not going away at all, but may just regroup and rebrand.
- With some companies pending to announce breaches, and people waiting to learn their sensitive information has been stolen, getting equipped with identity theft plans and antivirus solutions is strongly recommended.
Who are the Scattered Lapsus$ Hunters?
Three of the most vicious hacker organizations teamed up to illegally enter company networks, steal sensitive information, and attack the companies with ransomware. The group consists of three major players – ShinyHunters, Scattered Spider, and Lapsus$. However, the group also included other hacker factions such as Trihash, Yurosh, yaxsh, WyTroZz, N3z0x, Nitroz, TOXIQUEROOT, Prosox, Pertinax, Kurosh, Clown, IntelBroker, and Yukari. They claim to have managed to steal 1.5 billion records from Salesforce that belong to 760 companies. Many of the high-profile data breaches that continue to shock the world, such as the LVMH (Louis Vuitton, Dior, Tiffany & Co.) data breach, Qantas data breach, and even the Jaguar Land Rover data breach, have been claimed by them.
What do they say in the farewell letter?
The criminals published a farewell letter boasting about their “successful” cyberattacks and giving people advance notice that many more data breaches have yet to be revealed. They list a few airlines and other high-profile companies. These companies might soon realize their networks have been breached. The hackers predominantly spread fear. They also express regret for their fallen counterparts now in custody in Western countries. They claim that they are going dark and won’t be as active anymore.
Are Scattered Lapsus$ Hunters really going away?
Not really. Since their multiple high-profile breaches, hackers have attracted law enforcement attention. Agencies from the USA and worldwide are involved. The hacker organization is likely to decrease its public statements because it does not want to continue attracting attention. They will be going through some quiet time and a possible rebrand. Even so, their members will be active and on a constant lookout for more opportunities to steal.
What can you do to protect yourself?
Most companies that report stolen client information often offer free identity theft protection to their customers. The service is usually lasts 12 or 24 months. It gives people security by notifying them of suspicious credit activity. Companies often miss offering antivirus software solutions. However, to counter hackers, credit monitoring helps. It is also useful to have anti-malware software on all connected devices. Often, bad actors lack the full picture, so they target specific individuals or businesses to steal missing information.
Criminal hacker organizations change names. They often retire when they start attracting too much attention. This is likely the case with Scattered Lapsus$ Hunters, too. They claim they won´t be as active. They will continue working quietly, leaving fewer digital footprints for agencies to find. Some of their members may really retire, but the majority of the individuals will continue their sinister quests. We live in a digital world, and being adequately protected has never been more critical than it is right now.