In a startling development on September 8, the Telegram channel “scattered LAPSUS$ hunters 4.0” declared its intention to “go dark” after taunting law enforcement for repeated missteps.
With an audacious message aimed squarely at the FBI and French authorities, the group claimed victory in evading capture and vowed that no future activity would follow their signature trail of high-profile data breaches.
What seemed like a temporary hiatus has now been confirmed as a permanent retirement from blackhat operations.
The September 8 post lambasted the FBI and French law enforcement for once again detaining an innocent individual, accusing investigators of “wasting budget” by flying agents across the Atlantic only to make “the WRONG arrest.”
The hunters boasted that their real operators remain at large and fully aware of law enforcement tactics, promising uninterrupted efficiency regardless of arrests.
In a follow-up message, the channel tersely announced: “This channel is now closed and we’re going away for a while. Thanks.” What the initial announcement characterized as a pause proved deceptive.
The Permanent Silence
On September 11, a bombshell communique appeared on BreachForums[.]hn, timed just after DataBreaches’ report on the Salesforce attacks against high-end fashion brands.
Under the heading “Dear World,” the hunters offered an apology for the ambiguity of their earlier silence and explained that 72 hours had allowed them to confirm the viability of contingency plans and to consult with family.
They recounted weeks of complex diversions—from disrupting Jaguar’s factories to “superficially” hacking Google multiple times and overwhelming defenses at Salesforce and CrowdStrike—designed to mislead security firms and government agencies alike.
Crucially, the post hinted at unpublicized breaches of critical infrastructure and high-security government systems, suggesting that victims may yet face undisclosed ransom demands or data exfiltration consequences.
The group claimed to have deliberately abandoned certain tools and communication channels, leaving law enforcement and corporate security teams questioning whether their systems had been fully compromised or left untouched.
“Silence will now be our strength,” the post proclaimed, marking an end to any further direct correspondence from the hunters.
In a notable gesture, the statement extended condolences to eight individuals raided or arrested in connection with campaigns attributed to LAPSUS$, Scattered Spider, ShinyHunters and related collectives since April 2024.
The hunters framed these arrests as “collateral victims” of their “war on power,” asserting that investigations into these associates would unravel as intended. They even suggested that law enforcement’s “vanity” in publicizing arrests only served to reinforce the group’s strategic myths.
What Comes Next?
The conclusion of the statement listed pseudonyms of known operatives—Trihash, Yurosh, Kurosh, Clown, IntelBroker and others—claiming they would now vanish into private life, funded by ill-gotten gains or regress to “studying and improving systems” in silence.
For those still inclined toward illicit activity, the hunters issued a caution: consider the impact on families and loved ones before following their path.
While the vow of silence may hold, the legacy of Scattered LAPSUS$ Hunters 4.0 endures. Already-completed but undisclosed breaches may surface in coming months, revealing further ramifications for corporations and states alike.
As law enforcement digests this final message, the true measure of the group’s impact—and their strategic exit—will be judged by the breaches that still echo in the shadows.
In the ongoing cat-and-mouse game between hackers and authorities, this may be the most daring move yet: disappear without a trace.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
Source link
