ShinyHunters Announces Alleged Cyberattack on Resecurity

The hacker collective ShinyHunters asserts that the US-based cybersecurity firm Resecurity located in Los Angeles has been compromised. The group declared in a post on its Telegram channel that it had complete access to the internal systems of Resecurity. To back this claim, ShinyHunters revealed screenshots which they assert depict sensitive dashboards and internal data. These screenshots were subsequently assessed by the cybersecurity news website Hackread.com.

Thus far, Resecurity has not made any public statements regarding the matter or verified if their systems were indeed compromised. The breach remains unverified by both independent and official sources.

What ShinyHunters Claims Was Taken

The hackers have disclosed that the following pieces of information were obtained via Resecurity’s data breach:

• Histories and logs of internal chats
• Discussions related to strategic planning

 

• Detailed full client lists

 

• Intelligence reports of threats and internal documentation

Information about employees including their names, email addresses, and authentication tokens

Screenshots provided by ShinyHunters seem to reveal user management panels, API access tokens, Firebase Cloud Messaging tokens, and Mattermost chats of the company. Hackread analysts confirmed that quite a few of the names seen in the photos are associated with people who work at the organization.

The hackers went on and additionally presented what they said was proof of the existence of internal dashboards connected to the company's domain emails. Included in these were real-time tokens and the capability to get administrative access for either authentication or access control purposes.

Accusations and Motivation Behind the Claim

In its Telegram notice, ShinyHunters made direct accusations against Resecurity regarding trickery. The collective claimed that Resecurity had previously attempted to impersonate a possible buyer on darknet marketplaces to either monitor or penetrate hacker circles. Particularly, it made mention of a case concerning the leak of Vietnam's credit database and implied that the supposed assault was a counterattack resulting from Resecurity's strategies.

ShinyHunters further pointed out presumed collaboration with the Devman ransomware group in carrying out the attack. Moreover, the publication alluded to previous assaults that had been claimed against other cybersecurity companies like CrowdStrike, linking this particular instance even more to the larger ongoing battle between cybercriminals and the security industry.

Unverified Claims and Potential Impact

So far, no one has confirmed in an official capacity that the security breach of Resecurity’s systems occurred. Moreover, it is not possible to independently check the extent of the incident or the authenticity of the leaked screenshots. If the latter is the case, it would be the penetration of a very significant incident that the firm offering cyber threat intelligence, digital forensic, and investigation services to the government as well as private clients.

It would not only cause the exposure of client lists, threat data, and internal credentials but also be seriously damaging for Resecurity’s customer and partner relationships. It might also create doubt at the company’s end about protecting the sensitive information’s confidentiality.