Resecurity Lures Scattered LAPSUS$ Hunters into Honeytrap
Summary
Resecurity successfully trapped threat actors claiming affiliation with Scattered LAPSUS$ Hunters (SLH) by setting up a honeytrap with synthetic data. The actors attempted to exfiltrate data, making over 188,000 requests between December 12 and December 24, 2025. The exercise led to identifying the threat actor and linking them to a U.S.-based phone number and a Yahoo account. Despite this setback, SLH has resurfaced with increased recruitment activity, seeking initial access brokers and corporate credentials. CYFIRMA noted that SLH is referencing legacy threat brands like LizardSquad, likely for intimidation or reputation inflation rather than proof of a formal alliance.
Timeline
- 08.01.2026 14:49 · 1 article
Resecurity Lures SLH Actors into Honeytrap
Resecurity set up a honeytrap with synthetic data to lure SLH actors, who made over 188,000 requests attempting to exfiltrate data. The exercise led to identifying the threat actor and linking them to a U.S.-based phone number and a Yahoo account. SLH has since resurfaced with increased recruitment activity, seeking initial access brokers and corporate credentials.
Sources:
- ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories — thehackernews.com — 08.01.2026 14:49
Information Snippets
- Resecurity set up a honeytrap with synthetic data to lure SLH actors.
First reported: 08.01.2026 14:49 · 1 source, 1 article
Sources:
- ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories — thehackernews.com — 08.01.2026 14:49
- The threat actor made over 188,000 requests attempting to dump synthetic data.
First reported: 08.01.2026 14:49 · 1 source, 1 article
Sources:
- ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories — thehackernews.com — 08.01.2026 14:49
- SLH has resurfaced with increased recruitment activity, seeking initial access brokers and corporate credentials.
First reported: 08.01.2026 14:49 · 1 source, 1 article
Sources:
- ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories — thehackernews.com — 08.01.2026 14:49
- SLH references legacy threat brands like LizardSquad, likely for intimidation or reputation inflation.
First reported: 08.01.2026 14:49 · 1 source, 1 article
Sources:
- ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories — thehackernews.com — 08.01.2026 14:49