{"id":992,"date":"2026-02-02T17:02:07","date_gmt":"2026-02-02T17:02:07","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/"},"modified":"2026-02-02T17:02:07","modified_gmt":"2026-02-02T17:02:07","slug":"please-dont-feed-the-scattered-lapsus-shiny-hunters","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/","title":{"rendered":"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters"},"content":{"rendered":"<div>\n<p>A prolific data ransom gang that calls itself <strong>Scattered Lapsus Shiny Hunters<\/strong> (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying \u2014 perhaps as much to contain the stolen data as to stop the escalating personal attacks. But a top SLSH expert warns that engaging at all beyond a \u201cWe\u2019re not paying\u201d response only encourages further harassment, noting that the group\u2019s fractious and unreliable history means the only winning move is not to pay.<\/p>\n<div id=\"attachment_73160\" style=\"width: 758px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" aria-describedby=\"caption-attachment-73160\" decoding=\"async\" class=\" wp-image-73160\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png\" alt=\"\" width=\"748\" height=\"746\" srcset=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png 915w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed-768x766.png 768w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed-782x780.png 782w\" sizes=\"auto, (max-width: 748px) 100vw, 748px\"><\/p>\n<p id=\"caption-attachment-73160\" class=\"wp-caption-text\">Image: Shutterstock.com, @Mungujakisa<\/p>\n<\/div>\n<p>Unlike traditional, highly regimented Russia-based ransomware affiliate groups, SLSH is an unruly and somewhat fluid English-language extortion gang that appears uninterested in building a reputation of consistent behavior whereby victims might have some measure of confidence that the criminals will keep their word if paid.<\/p>\n<p>That\u2019s according to <strong>Allison Nixon<\/strong>, director of research at the New York City based security consultancy <a href=\"https:\/\/unit221b.com\/\" target=\"_blank\" rel=\"noopener\">Unit 221<\/a>. Nixon has been closely tracking the criminal group and individual members as they bounce between various Telegram channels used to extort and harass victims, and she said SLSH differs from traditional data ransom groups in other important ways that argue against trusting them to do anything they say they\u2019ll do \u2014 such as destroying stolen data.<\/p>\n<p>Like SLSH, many traditional Russian ransomware groups have employed high-pressure tactics to force payment in exchange for a decryption key and\/or a promise to delete stolen data, such as publishing a dark web shaming blog with samples of stolen data next to a countdown clock, or notifying journalists and board members of the victim company. But Nixon said the extortion from SLSH quickly escalates way beyond that \u2014 to threats of physical violence against executives and their families, DDoS attacks on the victim\u2019s website, and repeated email-flooding campaigns.<\/p>\n<p>SLSH is known for breaking into companies by phishing employees over the phone, and using the purloined access to steal sensitive internal data. In <a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/expansion-shinyhunters-saas-data-theft\" target=\"_blank\" rel=\"noopener\">a January 30 blog post<\/a>, Google\u2019s security forensics firm <strong>Mandiant<\/strong> said SLSH\u2019s most recent extortion attacks stem from incidents spanning early to mid-January 2026, when SLSH members pretended to be IT staff and called employees at targeted victim organizations claiming that the company was updating MFA settings.<\/p>\n<p>\u201cThe threat actor directed the employees to victim-branded credential harvesting sites to capture their SSO credentials and MFA codes, and then registered their own device for MFA,\u201d the blog post explained.<\/p>\n<p>Victims often first learn of the breach when their brand name is uttered on whatever ephemeral new public Telegram group chat SLSH is using to threaten, extort and harass their prey. According to Nixon, the coordinated harassment on the SLSH Telegram channels is part of a well-orchestrated strategy to overwhelm the victim organization by manufacturing humiliation that pushes them over the threshold to pay.<\/p>\n<p>Nixon said multiple executives at targeted organizations have been subject to \u201cswatting\u201d attacks, wherein SLSH communicated a phony bomb threat or hostage situation at the target\u2019s address in the hopes of eliciting a heavily armed police response at their home or place of work.<\/p>\n<p>\u201cA big part of what they\u2019re doing to victims is the psychological aspect of it, like harassing executives\u2019 kids and threatening the board of the company,\u201d Nixon told KrebsOnSecurity. \u201cAnd while these victims are getting extortion demands, they\u2019re simultaneously getting outreach from media outlets saying, \u2018Hey, do you have any comments on the bad things we\u2019re going to write about you.\u201d<\/p>\n<p>Nixon argues that no one should negotiate with SLSH because the group has demonstrated a willingness to extort victims based on promises that it has no intention to keep. Nixon points out that all of SLSH\u2019s known members hail from <strong>The Com<\/strong>, shorthand for a constellation of cybercrime-focused Discord and Telegram communities which serve as a kind of <a href=\"https:\/\/krebsonsecurity.com\/2024\/09\/the-dark-nexus-between-harm-groups-and-the-com\/\" target=\"_blank\" rel=\"noopener\">distributed social network that facilitates instant collaboration<\/a>.<\/p>\n<p>Nixon said Com-based extortion groups tend to instigate feuds and drama between group members, leading to lying, betrayals, credibility destroying behavior, backstabbing, and sabotaging each other.<\/p>\n<p>\u201cWith this type of ongoing dysfunction, often compounding by substance abuse, these threat actors often aren\u2019t able to act with the core goal in mind of completing a successful, strategic ransom operation,\u201d Nixon said. \u201cThey continually lose control with outbursts that put their strategy and operational security at risk, which severely limits their ability to build a professional, scalable, and sophisticated criminal organization network for continued successful ransoms \u2013 unlike other, more tenured and professional criminal organizations focused on ransomware alone.\u201d<\/p>\n<p>Intrusions from established ransomware groups typically center around encryption\/decryption malware that mostly stays on the affected machine. In contrast, Nixon said, ransom from a Com group is often structured the same as violent sextortion schemes against minors, wherein members of The Com will steal damaging information, threaten to release it, and \u201cpromise\u201d to delete it if the victim complies without any guarantee or technical proof point that they will keep their word. She writes:<\/p>\n<blockquote>\n<p>The SLSH group steals a significant amount of corporate data, and on the day of issuing the ransom notification, they line up a number of harassment attacks to be delivered simultaneously with the ransom. This can include swatting, DDOS, email\/SMS\/call floods, negative PR, complaints sent to authority figures in and above the company, and so on. Then, during the negotiation process, they lay on the pressure with more harassment- never allowing too much time to pass before a new harassment attack.<\/p>\n<p>What they negotiate for is the promise to not leak the data if you pay the ransom. This promise places a lot of trust in the extorter, because they cannot prove they deleted the data, and we believe they don\u2019t intend to delete the data. Paying provides them vital information about the value of the stolen dataset which we believe will be useful for fraud operations after this wave is complete.<\/p>\n<\/blockquote>\n<p>A key component of SLSH\u2019s efforts to convince victims to pay, Nixon said, involves manipulating the media into hyping the threat posed by this group. This approach also borrows a page from the playbook of sextortion attacks, she said, which encourages predators to keep targets continuously engaged and worrying about the consequences of non-compliance.<\/p>\n<p>\u201cOn days where SLSH had no substantial criminal \u2018win\u2019 to announce, they focused on announcing death threats and harassment to keep law enforcement, journalists, and cybercrime industry professionals focused on this group,\u201d she said.<\/p>\n<div id=\"attachment_73163\" style=\"width: 758px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/comtutsh.png\" target=\"_blank\" rel=\"noopener\"><img aria-describedby=\"caption-attachment-73163\" decoding=\"async\" loading=\"lazy\" class=\"wp-image-73163\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/comtutsh.png\" alt=\"\" width=\"748\" height=\"92\" srcset=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/comtutsh.png 935w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/comtutsh-768x94.png 768w, https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/comtutsh-782x96.png 782w\" sizes=\"auto, (max-width: 748px) 100vw, 748px\"><\/a><\/p>\n<p id=\"caption-attachment-73163\" class=\"wp-caption-text\">An excerpt from a sextortion tutorial from a Com-based Telegram channel. Image: Unit 221B.<\/p>\n<\/div>\n<p>Nixon knows a thing or two about being threatened by SLSH: For the past several months, the group\u2019s Telegram channels have been replete with threats of physical violence against her, against Yours Truly, and against other security researchers. These threats, she said, are just another way the group seeks to generate media attention and achieve a veneer of credibility, but they are useful as indicators of compromise because SLSH members tend to name drop and malign security researchers even in their communications with victims.<\/p>\n<p>\u201cWatch for the following behaviors in their communications to you or their public statements,\u201d Nixon said. \u201cRepeated abusive mentions of Allison Nixon (or \u201cA.N\u201d), Unit 221B, or cybersecurity journalists\u2014especially Brian Krebs\u2014or any other cybersecurity employee, or cybersecurity company. Any threats to kill, or commit terrorism, or violence against internal employees, cybersecurity employees, investigators, and journalists.\u201d<\/p>\n<p>Unit 221B says that while the pressure campaign during an extortion attempt may be traumatizing to employees, executives, and their family members, entering into drawn-out negotiations with SLSH incentivizes the group to increase the level of harm and risk, which could include the physical safety of employees and their families.<\/p>\n<p>\u201cThe breached data will never go back to the way it was, but we can assure you that the harassment will end,\u201d Nixon said. \u201cSo, your decision to pay should be a separate issue from the harassment. We believe that when you separate these issues, you will objectively see that the best course of action to protect your interests, in both the short and long term, is to refuse payment.\u201d<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>A prolific data ransom gang that calls itself Scattered Lapsus Shiny Hunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying \u2014 perhaps as [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[568,90,567,143,569,106,570,571,572,176,573],"tags":[91],"class_list":["post-992","post","type-post","status-publish","format-standard","hentry","category-allison-nixon","category-cybersecurity","category-data-breaches","category-latest-warnings","category-mandiant","category-ransomware","category-scattered-lapsus-shiny-hunters","category-sextortion","category-slsh","category-the-coming-storm","category-unit-221","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"A prolific data ransom gang that calls itself Scattered Lapsus Shiny Hunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying \u2014 perhaps as [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-02T17:02:07+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters\",\"datePublished\":\"2026-02-02T17:02:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/\"},\"wordCount\":1371,\"image\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Allison Nixon\",\"Cybersecurity\",\"Data Breaches\",\"Latest Warnings\",\"Mandiant\",\"Ransomware\",\"Scattered Lapsus Shiny Hunters\",\"sextortion\",\"SLSH\",\"The Coming Storm\",\"Unit 221\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/\",\"name\":\"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png\",\"datePublished\":\"2026-02-02T17:02:07+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#primaryimage\",\"url\":\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png\",\"contentUrl\":\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/","og_locale":"en_US","og_type":"article","og_title":"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters - Imperative Business Ventures Limited","og_description":"A prolific data ransom gang that calls itself Scattered Lapsus Shiny Hunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying \u2014 perhaps as [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-02-02T17:02:07+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters","datePublished":"2026-02-02T17:02:07+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/"},"wordCount":1371,"image":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#primaryimage"},"thumbnailUrl":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png","keywords":["Cybersecurity"],"articleSection":["Allison Nixon","Cybersecurity","Data Breaches","Latest Warnings","Mandiant","Ransomware","Scattered Lapsus Shiny Hunters","sextortion","SLSH","The Coming Storm","Unit 221"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/","name":"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#primaryimage"},"image":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#primaryimage"},"thumbnailUrl":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png","datePublished":"2026-02-02T17:02:07+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#primaryimage","url":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png","contentUrl":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/02\/dontfeed.png"},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/02\/please-dont-feed-the-scattered-lapsus-shiny-hunters\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"Please Don\u2019t Feed the Scattered Lapsus Shiny Hunters"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/992","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=992"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/992\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=992"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}