• Scattered Lapsus ShinyHunters (SLSH) uses harassment, threats, even swatting to extort firms. • They notify journalists and regulators, amplifying pressure beyond typical ransomware demands. • Victims often pay to stop personal attacks, but experts advise against paying. • SLSH is unruly, English‑speaking, and unreliable, lacking consistent follow‑through on promises. • Unlike Russian affiliates, SLSH escalates to physical violence threats, DDoS, and email flooding. • Expert Allison Nixon warns that engaging only fuels further harassment; best defense is no payment.
Article Summaries:
- Summary
Scattered Lapsus ShinyHunters (SLSH), a loose English‑speaking ransomware gang, has adopted a brutal extortion playbook that goes beyond data theft. The group uses phone‑phishing to harvest MFA credentials, then threatens executives and their families with swatting, DDoS attacks, and repeated email flooding. Victims are also warned by journalists and regulators that their data is exposed. While some companies pay to halt the harassment, security researcher Allison Nixon cautions that paying only fuels further attacks, noting SLSH’s unreliable history and lack of a consistent reputation. The gang’s tactics aim to overwhelm victims psychologically, pushing them toward payment.
Sources: