- Law enforcement seizes domains used by scattered Lapsus$ hunters
- Files from Salesloft/Salesforce breach leaked
- The group declared that “the era of forums is over.”
Domains used by Scattered Lapsus$ Hunters to host data leak websites were reportedly seized by law enforcement just as the group was about to release files stolen in the Salesloft/Salesforce breach. However, this did not stop the leaks.
The clearnet domain violationforums.hn has been defaced, displaying the usual FBI placeholder: “this domain has been seized.” This domain was previously used to reestablish BreachForums, an infamous underground website where cybercriminals traded knowledge, tools and stolen goods, but after the forum was taken down for the second time by the FBI, it was supported by Scattered Lapsus$ Hunters, for use as a data leak and extortion site.
Just days before the latest takedown, Scattered Lapsus$ Hunters announced that they would begin disclosing data stolen in the Salesloft/Salesforce breach, and even shared exactly when the files would go live. In an obvious attempt to thwart the leaks, the FBI, together with French authorities, shut down not only breakforums.hn, but also the Tor site. However, it was restored relatively quickly and files belonging to several companies were leaked.
Forums are dead
The victims included Qantas, Gap, Vietnam Airlines, Toyota, Disney, McDonald’s, Ikea and Adidas. Files belonging to more than 40 companies have been leaked.
Unfortunately, no arrests have been made, which means that scattered Lapsus$ hunters can simply relaunch the forum and pick up where they left off. However, according to BeepComputerthe group has no plans to resurrect the famous forum, saying: “The era of forums is over.”
It looks like Telegram groups will take over, serving as impromptu forums with a little more resilience.
Another reason to stay away from forums, according to CyberInsiderit’s the fact that the FBI “destroyed” database backups dating back to 2023, as well as all escrow databases.
The hackers also apparently stated that any hacking forums that emerge after BreachForums should be considered honeypots supported by cybersecurity researchers and law enforcement and, as such, should be avoided.
Via BeepComputer
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
