A notorious English -speaking hacking group has launched a website to eliminate its victims, threatening to release about one billion files stolen from companies that store their customers’ data in cloud databases hosted by Salesforce.
The loosely organized group, known as Lapsus $, scattered spider and shinyhunters, published a special database in dark tissue, called Hunters Lapsus $.
The site, first found by threat researchers on Friday and saw TechCrunch, aims to push the victims to pay hackers to avoid their stolen data published online.
“Contact us to regain control of data governance and prevent public disclosure of your data,” the site said. “Don’t be the next title. All communications require strict verification and will be treated with discretion.”
In recent weeks, the Shinyhunters gang has reportedly been missing from dozens of high -profile companies, breaking the cloud -based databases hosted by Salesforce.
The Allianz Life Insurance Giant, Google, Kering Group, Qantas Airline, Carmaking Stellantis Giant, Credit Bureau Transunion and the platform workplace worker, among many others, confirmed that their data stolen them.
The hacker leakage lists quite a few supposed victims, including FedEx, Hulu (owned by Disney) and Toyota Motors, none of which responded to comments on Friday.
It is not clear whether the companies known have been teased, but are not listed on the hacking team’s leak website, have paid ransom to the hackers to prevent their data from being published. When TechCrunch is reached, a spokesman for Shinyhunters said: “There are many other companies that have not been imported” but refused to say why.
At the top of the site, hackers report SalesForce and ask the company to negotiate ransom, threatening that differently “all your customers [sic] The data will leak. “The tone of the message suggests that salesforce has not yet dealt with hackers.
SalesForce spokesman Nicole Aranda provided a link to the company’s statement, which notes that the company “is aware of the recent efforts to blackmail from threat actors”.
“Our findings show that these efforts are associated with past or unfounded incidents and we remain committed to affected customers to provide support,” The statement reads. “At the moment, there is no indication that the Salesforce platform has been violated, nor does this activity relate to any known vulnerability in our technology.”
Aranda refused to comment further.
For weeks, security researchers have assumed that the team, which has historically avoided a public presence online, plans to publish a data leak site to exhaust its victims.
Historically, such websites have been associated with foreign, often Russian speech, ransomware gangs. In recent years, these organized groups of crimes in cyberspace have evolved from theft, encryption of the victim’s data and then demanding private ransom, simply threatening to post the stolen data online unless they are paid.
He was updated by comments by shinyhunters and comments from SalesForce.
