"We would like to announce that we have gained full access to REsecurity systems 🙂 We took everything: - All internal chats and logs - Full employee data: names, emails, tokens, etc.. - Threat intel related, reports, scrapes, and all management files - Complete client list with details - All their plans from chats This didn't happen for nothing. For months, REsecurity has been trying to social engineer us and groups we know."
"When ShinyHunters put the Vietnam financial system database up for sale, their staff pretended to be buyers to get free samples and more info from us. They go around telling companies they will "protect" them from cyber attacks, sell expensive services, act like experts... but in the end, just like we did with CrowdStrike and the FBI, they got fully owned :((( "
"The honeypot was simulated to log the actors, who used honeytrap account planted by our team. No impact on our customers or internal operations. We also released their logged IP on December 24: We identified them on early stage and gave them honeytrap account belonging to our guy Mark Kelly - but it did not have anything meaningful on it."
A post on the SLSH Telegram channel claims full access to REsecurity systems and lists stolen items: internal chats and logs, full employee data (names, emails, tokens), threat intelligence materials, management files, a complete client list with details, and plans from chats. The post frames the intrusion as retaliation for alleged social engineering attempts by REsecurity, cites an incident involving the Vietnam financial system database, and thanks Devman Ransomware for assistance. REsecurity reports that the exposed data were simulated honeypots designed to log actors via honeytrap accounts, that no customers or internal operations were impacted, and that logged IPs were released on December 24.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]