Hunters Accessed Honeypot

In a shocking turn of events, threat actors associated with the notorious “Scattered Lapsus$ Hunters” (SLH) claim to have infiltrated the systems of prominent cybersecurity firm Resecurity, allegedly pilfering sensitive internal data. However, Resecurity swiftly countered that the attackers had merely accessed a deliberately deployed honeypot, a decoy system designed to lure and monitor malicious activity.

The threat actors, in a brazen display of their supposed exploits, published screenshots on Telegram, purporting to show evidence of the breach. These images appear to depict stolen employee data, internal communications, threat intelligence reports, and client information. One particularly incriminating screenshot seems to be from a Mattermost collaboration instance, showcasing conversations between Resecurity employees and Pastebin personnel regarding malicious content hosted on the text-sharing platform. According to BleepingComputer, a reliable source for cybersecurity news, the threat actors also alleged that Resecurity employees had posed as buyers during the sale of a purported Vietnam financial system database, seeking complimentary samples and additional information.

Resecurity’s assertion that the breach was, in fact, a carefully controlled honeypot, raises questions about the true intentions of the threat actors and the extent of their infiltration.