Collaboration emerging among three infamous cybercriminal groups
A new alliance between the cybercrime collectives Scattered Spider, ShinyHunters, and Lapsus$ has emerged, as evidenced by the appearance of a Telegram channel called "Scattered LAPSUS$ Hunters". This collaboration represents a shift in the cybercrime landscape, as these groups combine their strengths to carry out more effective extortion and data theft operations.
The alliance is likely driven by shared interests and the need for mutual support. Lapsus$, known for breaking into telecoms giant BT, Nvidia, Microsoft, Samsung, Vodafone, fintech firm Revolut, and Okta, has suffered setbacks from losing several members. ShinyHunters, active since 2020 and best known for high-profile attacks on Snowflake customers' databases, Ticketmaster, and AT&T, contributes its experience from maintaining platforms like BreachForums. Scattered Spider, known for SIM-swapping and high-profile retail intrusions, brings its expertise in phishing and social engineering.
Recent Data Breaches
These groups have been involved in several recent high-profile data breaches. ShinyHunters has been linked to data thefts from companies like Salesforce, Qantas, Allianz Life, LVMH, and Adidas. Lapsus$ has claimed involvement in attacks on Neiman Marcus, Victoria's Secret, Gucci, Chanel, and the U.S. Department of Homeland Security, among others. They are also developing a Ransomware-as-a-Service (RaaS) operation called "ShinySpider" or "ShinySp1d3r," which boasts high encryption speeds of about 1 GB/s.
The synchronized timing of these attacks strongly supports the likelihood of coordinated efforts between the two groups, Scattered Spider and ShinyHunters. For instance, Louis Vuitton reportedly became aware of an intrusion on July 2, shortly after domains like ticket-lvmh[.]com, ticket-dior[.]com, and ticket-louisvuitton[.]com were registered.
Preventing Social-Engineering Attacks
To prevent social-engineering attacks like those carried out by Scattered Spider, companies should train their help desk staff to enforce strong identity verification processes and enforce phishing-resistant multifactor authentication. This will help protect high-profile organizations from falling victim to these malicious groups.
In conclusion, the collaboration between Scattered Spider, ShinyHunters, and Lapsus$ represents a new phase in cybercrime, combining their strengths to achieve more effective extortion and data theft operations. Companies must remain vigilant and take necessary measures to protect their data and systems from these sophisticated threats.
Read also:
- New study reveals that Language Models can execute complex assaults independent of human intervention
- Gadgets and Tech Essentials to Outshine Your Studies in the Upcoming Academic Term
- A separate cable linking to an RTX 50-Series GPU could potentially not be attributed to Nvidia for the issue.
- Today's top computer savings: Grab the new iPad M3 for $100 less, or snag a RTX 5080 gaming PC with a $400 discount and a complimentary gaming monitor included.
