Findings come amid the emergence of a Telegram channel purportedly led by members of the ShinyHunters, Scattered Spider, and LAPSUS$ hacking groups.
The ShinyHunters hacking collective has apparently partnered with the Scattered Spider ransomware gang, and are setting their sights on organisations in the financial services and technology sectors.
According to a blog by ReliaQuest, attacks by ShinyHunters have recently been imbued with Scattered Spider tactics, including the deployment of social engineering and voice phishing schemes, legitimate tool-spoofing apps, and VPN concealment in data exfiltration activities.
The findings come amid the emergence of a Telegram channel purportedly led by members of the ShinyHunters, Scattered Spider, and LAPSUS$ hacking groups, which touted the development of the ShinySp1d3r ransomware-as-a-service platform before being removed from the messaging platform.
"[Scattered LAPSUS$ Hunters'] connection to known entities like Scattered Spider and ShinyHunters indicates this is less a ‘new’ group than a rebranding and coalescence of existing threat actors responding to recent law enforcement heat," FalconFeeds researchers told
The Hacker News.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
