Ethical Hacking News
Scattered Lapsus$ Hunters, a notorious cybercrime collective, has announced its temporary retirement after a series of high-profile breaches, including attacks on prominent organizations and the theft of sensitive data from major companies. However, experts warn that this may be a temporary reprieve, and organizations must remain vigilant to prevent future incidents.
SLSH (Scattered Lapsus$ Hunters), a notorious cybercrime collective, has gone dark until 2026 after the FBI seized its clearweb site.The group's decision comes on the heels of several high-profile breaches and claims to have obtained sensitive data through an attack on Salesforce.SLSH is one of the most infamous cybercrime groups in recent years, known for audacious attacks on prominent organizations.The group's modus operandi involves phishing tactics and malware deployment to extract sensitive data, with some cases involving ransomware attacks.A recent alliance with Scattered Spider and Lapsus$ has led to increased scrutiny from law enforcement, resulting in several landmark arrests of suspected members.Experts warn that SLSH's history suggests it will resurface in the future, armed with new tactics and motivations.
Scattered Lapsus$ Hunters (SLSH), a notorious cybercrime collective, has once again retreated from the digital fray, this time after the FBI seized its clearweb site. The group, which has gained notoriety for its brazen attacks on prominent organizations, announced that it will go dark until 2026, fueling speculation about its future plans and motivations.
The SLSH's decision to temporarily disband comes on the heels of several high-profile breaches, including the theft of sensitive data from Qantas, Vietnam Airlines, Gap, and Fujifilm. The group claimed to have obtained this data through an attack on Salesforce, a popular customer relationship management (CRM) platform used by many businesses. However, experts caution that SLSH's claims should be viewed with skepticism, as the group has a history of exaggeration and falsehoods.
SLSH, which consists mainly of Westerners and native English speakers, has emerged as one of the most infamous cybercrime groups in recent years. The collective has gained notoriety for its audacious attacks on prominent organizations, including London's transport authority, Transport for London, and British retail giants Co-op, M&S, and Harrods.
The group's modus operandi typically involves using phishing tactics to gain access to an organization's systems, followed by the deployment of malware to extract sensitive data. In some cases, SLSH has also resorted to ransomware attacks, demanding payment in exchange for the safe return of stolen data.
SLSH's relationship with other cybercrime groups has been a topic of interest in recent months. The group reportedly formed an alliance with Scattered Spider and Lapsus$, two other notorious cybercrime collectives. This partnership has led to increased scrutiny from law enforcement, including several landmark arrests of suspected members in recent weeks.
One of the most significant arrests was made by the National Crime Agency (NCA), which charged two teenagers, Owen Flowers and Thalha Jubair, with involvement in the Scattered Spider group's attack on Transport for London. The NCA also linked SLSH to at least two other attacks on British retail giants Co-op and M&S.
The FBI has also taken notice of SLSH's activities, and a search warrant was executed on the group's clearweb site, leading to its seizure by law enforcement. The FBI has made no public statements regarding SLSH's current status or plans for the future.
Experts caution that SLSH's tactics are not new and have been employed by other cybercrime groups in the past. However, the group's unique demographic composition, comprising mainly Westerners and native English speakers, sets it apart from other collectives. This has led some to speculate about potential motives behind SLSH's actions.
Jon Abbott, co-founder and CEO of ThreatAware, characterized the weekend leaks as an intimidation tactic aimed at pressuring future victims into paying extortion demands. "Last week's extortion attempt and the data leak on Saturday are indicators that the 40 companies did not pay the group," he said.
Abbott emphasized that paying criminals does not guarantee safety, but doing basic security measures can help prevent such incidents. He also highlighted the importance of rigorous password reset verification, hardened service desk processes, and exceptional cyber hygiene in preventing cyberattacks.
As SLSH retires into obscurity for now, experts warn that this may be a temporary reprieve. The group's history suggests that it will resurface in the future, armed with new tactics and motivations. As such, organizations must remain vigilant and take proactive steps to protect themselves against cyber threats.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Rise-and-Fall-of-Scattered-Lapsus-Hunters-A-Cautionary-Tale-of-Cybercrime-and-Deception-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/10/13/scattered_lapsus_hunters_hiatus/
Published: Thu Oct 16 08:46:19 2025 by llama3.2 3B Q4_K_M
