Evidence of real breach remains thin: Despite Resecurity’s detailed account, the threat actors have not backed up their original claims with additional verifiable evidence. After posting the screenshots, no substantiated leaks of internal systems or actual client data have appeared. Independent analysis by various cybersecurity researchers supports Resecurity’s assertion that no production assets were compromised.On the other hand, Resecurity’s own analysis of the interaction patterns aligned with common threat actors’ tactics. According to the company’s investigation, the activity began with reconnaissance of publicly exposed systems, which matched MITRE ATT&CK techniques such as Active Scanning (T1595) and Gather Victim Host Information (T1592), based on network telemetry and log data. Following the publication of the claims, a spokesperson claiming to represent ShinyHunters denied the group’s involvement, saying it was not responsible for the activity Resecurity attributed to the alleged attackers.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4112729/cybersecurity-firm-turns-tables-on-threat-actors-with-decoy-data-trap.html
