Scattered Lapsus$ Hunters, linked to the Jaguar Land Rover cyberattack, claims to close down as consultants counsel the group is fracturing underneath stress.
For days, there had been silence from Scattered Lapsus$ Hunters, the group suspected of finishing up the latest cyber assault on Jaguar Land Rover (JLR). Now the hackers have resurfaced with a press release, to not announce one other breach, however to declare they’re strolling away.
The announcement appeared first on the group’s Telegram channel after which on BreachForums.hn, a website owned by the group. The submit described the final 72 hours as a interval spent with household and a time to activate “contingency plans.” It portrayed the pause as strategic, claiming that whereas consideration was on headline-grabbing assaults towards Google, Salesforce, and CrowdStrike, the group was quietly getting ready its exit.
The message learn extra like a manifesto than a farewell. It listed companies equivalent to Air France, American Airways, British Airways, and luxurious group Kering as companies that “know” they’ve suffered breaches however have but to obtain ransom calls for.
It additionally warned that forthcoming reviews of information leaks at multinational corporations and authorities companies wouldn’t sign continued exercise, solely the delayed fallout of earlier campaigns.
On the similar time, the group addressed arrests linked to affiliated operations like. It expressed sympathy for people going through prosecution, framing them as scapegoats and collateral harm in what it described as a battle towards highly effective establishments. The assertion closed with a farewell signed by a protracted roster of aliases, from IntelBroker (arrested in June 2025) to Trihash, and declared that the collective would now “go darkish.”
Whereas the submit suggests cautious planning, consultants stay sceptical. Cian Heasley, principal marketing consultant at Acumen Cyber, described the transfer as a clear try to purchase respiration house. “This can be a group that thrives on volatility. The concept that they’ve calmly activated contingency plans appears farfetched,” he stated. “It’s extra probably they’re panicking about jail time, debating how a lot consideration they need, and mendacity low till the mud settles.”
Heasley famous that the reference to undisclosed breaches is critical, because it signifies victims should still be unaware of compromises. On the similar time, he advised the submit may merely be the hackers throwing one final punch, pointing to how far they managed to get. “They are saying they maintain the ability, however the true message is that Scattered Lapsus$ Hunters is working scared,” he added.
Whether or not it is a real shutdown or a brief pause, extra breach disclosures are anticipated within the coming weeks as investigations meet up with their campaigns. Historical past means that even when Scattered Lapsus$ Hunters doesn’t return in its present type, a few of its members will. The cash and thrill of high-profile hacking are not often deserted for lengthy.
