Hackers Claim To Hack Resecurity, Firm Says It Was A Honeypot
Update: Article updated to reflect that ShinyHunters says they were not involved in this activity. We have updated our story and title.
Threat actors associated with the "Scattered Lapsus$ Hunters" (SLH) claim to have breached the systems of cybersecurity firm Resecurity and stolen internal data, while Resecurity says the attackers only accessed a deliberately deployed honeypot containing fake information used to monitor their activity.
Today, threat actors published screenshots on Telegram of the alleged breach, claiming they stole employee data, internal communications, threat intelligence reports, and client information.
"We would like to announce that we have gained full access to REsecurity systems," the group wrote on Telegram, claiming to have stolen "all internal chats and logs", "full employee data", "threat intel related reports", and a "complete client list with details."
As proof of their claims, the threat actors published screenshots they allege were stolen from Resecurity, including what appears to be a Mattermost collaboration instance showing communications between Resecurity employees and Pastebin personnel regarding malicious content hosted on the text-sharing platform.
The threat actors, who refer to themselves as "Scattered Lapsus$ Hunters" due to the alleged overlap between ShinyHunters, Lapsus$, and Scattered Spider threat actors, said the attack was retaliation for what they claim are ongoing attempts by Resecurity to socially engineer the group and learn more about its operations.
The threat actors say Resecurity employees pretended to be buyers during the sale of an alleged Vietnam financial system database, seeking free samples and additional information.
After this article was published, the ShinyHunters spokesperson told BleepingComputer that they were not involved in this activity. While ShinyHunters has always claimed to be part of Scattered Lapsus$ Hunters, they state they were not involved in this attack.
Resecurity disputes the threat actors' claims, stating that the allegedly breached systems are not part of its legitimate production infrastructure but were instead a honeypot designed to attract and monitor the threat actors.
Source: BleepingComputer