1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Domains used by notorious hacking group ShinyHunters for Salesfor

    From TechnologyDaily@1337:1/100 to All on Monday, October 13, 2025 16:30:09
    Domains used by notorious hacking group ShinyHunters for Salesforce hacks disrupted in FBI takedown

    Date:
    Mon, 13 Oct 2025 15:15:00 +0000

    Description:
    The FBI tries to stop ShinyHunters hackers from leaking Salesforce data.

    FULL STORY ======================================================================Law enforcement seizes domains used by Scattered Lapsus$ Hunters Files from Salesloft/Salesforce breach were leaked The group stated "the era of forums
    is over"

    The domains used by Scattered Lapsus$ Hunters to host data leak websites were reportedly seized by law enforcement just as the group was about to leak
    files stolen in the Salesloft/Salesforce breach. It didnt stop the leaks, though.

    The clearnet domain breachforums.hn was defaced, showing the usual FBI placeholder - this domain has been seized. This domain was previously used to reestablish BreachForums, an infamous underground website where
    cybercriminals exchanged knowledge, tools, and stolen goods, but after the forum was taken down by the FBI for the second time, it was propped back up
    by Scattered Lapsus$ Hunters, to be used as a data leak and extortion site.

    Just days before the latest takedown, Scattered Lapsus$ Hunters announced
    they would start leaking the data stolen in the Salesloft/Salesforce breach, and even shared the exact moment when the files would go online. In an
    obvious attempt to thwart the leaks, the FBI, together with French authorities, took down not just breachforums.hn, but also the Tor site. However, this one was restored rather quickly, and files belonging to
    multiple companies were leaked. Forums are dead

    Among the victims were Qantas, Gap, Vietnam Airlines, Toyota, Disney, McDonalds, Ikea, and Adidas. Files belonging to more than 40 companies were leaked.

    Unfortunately, no arrests were made, meaning Scattered Lapsus$ Hunters can just prop the forum back up and pick up where they left off. However, according to BleepingComputer , the group has no intention of resurrecting
    the famous forum, reportedly saying: "The era of forums is over".

    It seems Telegram groups will be taking over, serving as improvised forums with a little more resilience to them.

    Another reason for the pivot away from forums, according to CyberInsider , is the fact that the FBI destroyed database backups dating back to 2023, along with all escrow databases.

    The hackers also apparently said that all hacking forums that emerge after BreachForums should be considered honeypots propped up by cybersecurity researchers and law enforcement, and as such, should be avoided.

    Via BleepingComputer

    Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
    Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too. You might also like Salesforce platforms are being cracked open for data theft - FBI warns of UNC6040 and UNC6395 IOCs Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/domains-used-by-notorious-hacking-group -shinyhunters-disrupted-in-fbi-takedown


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)