Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Three notorious cybercrime gangs appear to be collaborating

(Mike Szczepanski / Unsplash)

By Jessica Lyons

Prolific cybercrime collectives Scattered Spider, ShinyHunters, and Lapsus$ appear to be working together to break into businesses’ networks, steal their data, and force an extortion payment.

The “Scattered LAPSUS$ Hunters” [Telegram] channel appeared last Friday. Posts include partial breach samples, vendor lists, and a heavy dose of trolling about old and new claims of successful data theft. Messages mentioned raids on Victoria’s Secret, customer info lifted from Gucci, and an attack on US department store chain Neiman Marcus that may be connected to the 2024 theft of its customer database. Other chats included screen shots of negotiations with Chanel, and claims of intrusions at the US Department of Homeland Security and government agencies in England, France, Brazil, and India.

Channel members also claimed to be developing a ransomware-as-a-service (RaaS) operation named “ShinySpider” or “ShinySp1d3r,” and bragged that their data-locked malware could hit encryption speeds of 1 GB per second: “OUR RaaS IS ADAPTIVE BASED ON VICTIM RESOURCES – THE FASTEST WE’VE SEEN IS ~1/GBps,” they claimed, adding: “Fk LockBit and DragonForce, yayayaya!.”

Read more at The Register

Click to listen highlighted text!