heise PlusAbo
Anzeige

Cyber gang "Scattered Lapsus$ Hunters" announces farewell - a little bit

The gang recently made a name for itself with cyberattacks on Jaguar and Marks & Spencer, which caused immense damage. Not everyone is keeping their feet still

listen Print view

(Image: PORTRAIT IMAGES ASIA BY NONWARIT/Shutterstock.com)

3 min. read
Security
By

The notorious cybercrime gang "Scattered Lapsus$ Hunters" is withdrawing from the criminal business for now. At least that's what they claim in a statement published on one of the domains of the underground forum "Breach Forums", which has since been shut down. Those familiar with the scene believe the statement to be authentic, but the group continues to boast about attacks on social media. It gives a particularly poisoned parting gift to law enforcement officers.

"As you know, the last few weeks have been hectic," write the unknown authors, listing alleged and actual victims. Law enforcement officials and companies alike mock the authors and hint at various known and unpublished data leaks. They express their gratitude to the relatives of the imprisoned group members of Lapsus$, Scattered Spider and ShinyHunters and then announce, "Our objectives have been met, it is now time to say goodbye." Some members could now rest on the millions raised through extortion and sabotage, while others would continue their research.

Indeed, shortly after the announcement, one of the group's social media channels published screenshots of apparently internal systems of various US authorities, lovingly edited with MS Paint. The group's last post for now also hinted at an attack on the British National Crime Agency (NCA). Apparently, part of the group is not yet ready to retire.

The Scattered Lapsus$ Hunters design team has done a great job: The carefully edited screenshot apparently shows an internal input mask of the FBI query system NICS.

(Image: Telegram)

It is likely that this is an authentic document from the group. The person or individuals behind the alias "ShinyHunters" last controlled the underground forum BreachForums, which has since been shut down after several raids by law enforcement. To publicize the latest announcement, ShinyHunters reactivated a dormant BreachForums domain – the pamphlet is also linked on the group's social media channels, which are considered authentic.

Usually well-informed insiders also confirmed the authenticity to heise security – ShinyHunters itself has not yet commented on request.

Videos by heise

High-profile cyber gang

The group, consisting of members of the "Scattered Spider", "Lapsus$" (own spelling: LAPSUS$) and "ShinyHunters" groups, has repeatedly made a name for itself in the past with cyberattacks, often using social engineering. For example, they were behind the attack on the British chain Marks & Spencer, which caused severe supply bottlenecks in its stores, costing the company 300 million pounds and the CTO his job. Jaguar is also struggling with the effects of a suspected "Scattered Lapsus$ Hunters" attack: for now, employees in vehicle production are to stay at home.

(cku)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten