Ethical Hacking News
Cybercrime Crew Falls into Honeytrap: Resecurity's Cunning Sting Net
A notorious cybercrime crew, formerly known as ShinyHunters, has been caught out by a security firm in a cleverly designed honeypot operation. The Scattered Lapsus$ Hunters group claimed to have gained "full access" to the target company's systems but was exposed when they revealed their IP addresses and other OPSEC mistakes. A foreign law enforcement organization issued a subpoena request for one of the suspects, highlighting the consequences of this cybercrime. This cunning sting net demonstrates the power of proactive threat intelligence and serves as a warning to those who would engage in malicious activities.
Resecurity successfully lured Scattered Lapsus$ Hunters into a honeypot operation, outsmarting the cybercrime crew.
The group claimed to have gained "full access" to Resecurity's systems but soon removed their statement from Telegram.
Scattered Lapsus$ Hunters made several OPSEC mistakes, including revealing server details, which helped Resecurity track the attackers' IP addresses and identify some as coming from Egypt and from Mullvad VPN.
A foreign law enforcement organization issued a subpoena request regarding the threat actor, and one of the suspects is a non-US person with associates in both the US and the UK.
The incident highlights the importance of cybersecurity awareness and the need for individuals and organizations to remain vigilant against sophisticated threats.
In a stunning display of cunning and skill, Resecurity has successfully lured a notorious cybercrime crew, formerly known as ShinyHunters, into its trap. The malicious group, infamous for their brazen attacks on high-profile targets, was outsmarted by the security firm's cleverly designed honeypot operation. This intricate sting net not only caught the Scattered Lapsus$ Hunters off guard but also led to a subpoena being issued for one of the data thieves.
The story begins with Resecurity's threat intelligence unit setting up a honeypot account in November 2025, after detecting the ShinyHunters group probing their public-facing services and applications. The security firm created a fake employee account, complete with synthetic data and messages, designed to mimic those used by legitimate employees. This clever ruse was intended to allow the threat actor to conduct activity while feeding them with synthetic data to observe their attack path and infrastructure.
The honeypot operation proved to be a masterclass in social engineering, as Scattered Lapsus$ Hunters took the bait hook, line, and sinker. The group claimed via Telegram that they had gained "full access" to Resecurity's systems, stealing internal chats, logs, employee data, threat intelligence reports, management files, and client information. However, this claim was short-lived, as the group soon removed their statement from the Telegram channel.
A closer examination of the Scattered Lapsus$ Hunters' actions revealed several OPSEC mistakes, including revealing the exact servers being used for automation. This oversight provided Resecurity's threat intelligence team with valuable insights, allowing them to track the attackers' IP addresses and identify some as coming from Egypt and from Mullvad VPN. The security firm also published this information in a bid to expose the attackers' identities.
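The decoy-account monitoring described above can be sketched as follows. This is an added example, not Resecurity's tooling: because a honeypot account has no legitimate user, every event that touches it is treated as hostile and grouped by source address. The account name, log format, log lines and the VPN range list are constructed for illustration and use documentation address ranges.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime

# Constructed sample data: decoy account name, log lines and address ranges are
# all hypothetical (RFC 5737 documentation ranges), not values from the incident.
DECOY_ACCOUNTS = {"m.hollis"}
KNOWN_VPN_RANGES = [ipaddress.ip_network("198.51.100.0/24")]  # assumed VPN-exit feed
SAMPLE_LOG = """\
2025-11-21T09:14:02Z user=j.ortega src=192.0.2.10 action=login status=ok
2025-11-21T22:41:17Z user=m.hollis src=203.0.113.45 action=login status=ok
2025-11-21T22:43:50Z user=m.hollis src=203.0.113.45 action=export_chats status=ok
2025-11-22T03:05:09Z user=m.hollis src=198.51.100.7 action=list_clients status=ok
2025-11-22T03:05:11Z user=m.hollis src=198.51.100.7 action=list_clients status=ok
malformed line without fields
"""

def parse_line(line):
    """Return (timestamp, fields) or None for lines that do not parse."""
    parts = line.split()
    if len(parts) < 2:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
        fields = dict(p.split("=", 1) for p in parts[1:])
        ipaddress.ip_address(fields["src"])  # reject records without a valid source
    except (ValueError, KeyError):
        return None
    return ts, fields

def decoy_activity(log_text):
    """Group every event touching a decoy account by source IP."""
    sources = defaultdict(lambda: {"first": None, "last": None, "actions": [], "vpn": False})
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None or parsed[1].get("user") not in DECOY_ACCOUNTS:
            continue
        ts, f = parsed
        ip = ipaddress.ip_address(f["src"])
        rec = sources[f["src"]]
        rec["first"] = ts if rec["first"] is None else min(rec["first"], ts)
        rec["last"] = ts if rec["last"] is None else max(rec["last"], ts)
        if f.get("action") not in rec["actions"]:
            rec["actions"].append(f.get("action"))
        rec["vpn"] = any(ip in net for net in KNOWN_VPN_RANGES)
    return dict(sources)

if __name__ == "__main__":
    for src, rec in decoy_activity(SAMPLE_LOG).items():
        print(src, rec["first"], rec["last"], rec["actions"], "vpn" if rec["vpn"] else "direct")
```

Sources tagged as VPN exits say little about the operator, while direct addresses and the ordered action list per source are what support attribution and reconstruction of the attack path.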
The cat-and-mouse game between Resecurity's crew and Scattered Lapsus$ Hunters took an interesting turn when a foreign law enforcement organization, a partner of Resecurity, issued a subpoena request regarding the threat actor. While Resecurity declined to disclose which agency was behind the request, it did reveal that one of the suspects is a non-US person with associates in both the US and the UK.
The whole ordeal serves as a poignant reminder of the importance of cybersecurity awareness and the need for individuals and organizations to remain vigilant in the face of increasingly sophisticated threats. Resecurity's clever use of social engineering tactics demonstrates the creative ways in which security firms can outsmart malicious actors, and its honeypot operation showcases the power of proactive threat intelligence.
In conclusion, Scattered Lapsus$ Hunters' misadventure highlights the value of intelligence-led security strategies and serves as a warning to those who would engage in malicious activities. As the cybercrime landscape continues to evolve, it is essential that organizations prioritize robust cybersecurity measures and remain informed about emerging threats.
Published: Mon Jan 5 14:29:32 2026 by llama3.2 3B Q4_K_M