Feds Shutter ShinyHunters Salesforce Extortion Site
The group warned that law-enforcement crackdowns are imminent in the wake of the takedown, but its extortion threats against Salesforce victims remain active.
Stay updated on cyber extortion trends: threats, prevention tips, and incident responses. Protect your data with the latest info on digital ransom tactics.
Search across headline titles and summaries.
Background for this topic.
Extortion is coercion through threats: an attacker demands money or another concession while threatening harm if the victim refuses. In cybersecurity, this commonly involves encrypting systems and demanding payment for recovery, stealing data and threatening to publish it (often called double extortion), or threatening service disruption. The threatened harm may be real, exaggerated, or based on data the attacker did not actually obtain; payment does not guarantee data deletion, secrecy, or restoration.
Security teams should treat an extortion demand as a potential incident: preserve evidence, isolate affected systems, determine whether data was accessed, and involve legal and privacy specialists where notification or regulatory duties may apply. Offline, tested backups can reduce leverage from encryption, but they do not address stolen information. Reviewing exposed remote services, credentials, and unpatched internet-facing systems can help contain the access path, while threat intelligence may help assess the attacker’s claims and identify related activity.
The group warned that law-enforcement crackdowns are imminent in the wake of the takedown, but its extortion threats against Salesforce victims remain active.
US and French fuzz pull the plug on Scattered Lapsus$ Hunters' latest leak shop targeting Salesforce US authorities have seized the latest incarnation of BreachForums, the cybercriminal bazaar recently reborn under the stewardship of the so-called Scattered Lapsus$ Hunters, with help from French cyber cops and the Paris prosecutor's office.…
GTIG highlighted indicators that Clop is behind the extortion campaign targeting Oracle EBS instances, with its activity likely beginning as early as August 9
The FBI has seized last night all domains for the BreachForums hacking forum operated by the ShinyHunters group mostly as a portal for leaking corporate data stolen in attacks from ransomware and extortion gangs. [...]
LockBit, Qilin, and DragonForce also invited other attackers to join their collaboration to share attack information and resources.
The Qilin ransomware group has claimed responsibility for the attack at Japanese beer maker Asahi, adding the company to its extortion page on the dark web yesterday. [...]
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed responsibility for a recent breach involving Discord user data, and for stealing terabytes of sensitive files from thousands of customers of the enterprise software maker Red Hat.
Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports (CERs) leaked on their data leak site. [...]
Crime group claims to have already doled out $1K to those in it 'for money and for the love of the game' Scattered Lapsus$ Hunters has launched an unusual crowdsourced extortion scheme, offering $10 in Bitcoin to anyone willing to help pressure their alleged victims into paying ransoms.…
Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that criminal crew Clop has already abused for data theft and extortion.…