
"As predicted a few days ago, BreachForums was seized. The splash page is now up. It does not have any cute avatars with characters in handcuffs and no text about all the entities that cooperated. It simply says, "This Domain Has Been Seized," and shows four shields: Department of Justice, FBI, BL2C, and JUNALCO. The latter two are the French agencies that have been heavily involved in trying to catch and thwart ShinyHunters."
"Of note, DataBreaches had noted that backup domains for breachforums[.]hn were changed sometime last month to 101domains.com and 101domains.com name servers. DataBreaches suspects that this was to make sure that the threat actors did not have backup domains available to use for the leak site once the main domain was seized. As of today, the name servers for the backup domains have also been changed to ns1.fbi.seized.gov and ns2.fbi.seized.gov."
BreachForums' clear-net domain was seized and replaced with a splash page displaying seals for the Department of Justice, FBI, BL2C, and JUNALCO. At the time of seizure, ScatteredLAPSUS$Hunters was preparing to leak data from 39 Salesforce customers unless Salesforce paid an undisclosed ransom by October 10 at 11:59 PM Eastern. The clear-net leak site is impacted, while an onion leak site initially appeared to still function and could be used to dump targeted companies' data; the official BreachForums onion domain was also seized. Name servers were observed changing (Cloudflare, 101domains, then ns1.fbi.seized.gov/ns2.fbi.seized.gov), and backup domains were similarly updated, apparently to prevent reuse. Telegram channel reactions were mixed, with some users calling for ShinyHunters to respond.
Read at DataBreaches.Net