Are Hackers Targeting Google with Data Leak Threats?

I’m thrilled to sit down with Dominic Jainy, a seasoned IT professional whose deep knowledge of artificial intelligence, machine learning, and blockchain offers a unique perspective on the evolving world of cybersecurity. With a keen interest in how cutting-edge technologies shape industries, Dominic is the perfect person to help us unpack a recent and alarming development in the cyber threat landscape: a group calling itself “Scattered LapSus Hunters” has issued an ultimatum to Google, threatening to leak sensitive databases unless specific demands are met. In this conversation, we’ll dive into the origins and credibility of this mysterious coalition, the nature of their demands, the potential impact of a data leak, and what this means for the future of cybersecurity in big tech. Let’s get started.

Can you shed some light on the group calling itself “Scattered LapSus Hunters” and what we know about the hacking communities they claim to represent?

Certainly. The name “Scattered LapSus Hunters” seems to be a mash-up of well-known hacking groups like Scattered Spider, LapSus, and ShinyHunters. Each of these groups has a distinct reputation in the cybercrime world. Scattered Spider, for instance, is notorious for their social engineering tactics—tricking people into giving up access through incredibly clever manipulation. LapSus made headlines with bold, high-profile attacks on major tech firms, often with a flair for publicity. ShinyHunters, on the other hand, specializes in massive data breaches and selling stolen info on the dark web. If this new group truly is a coalition of members from these entities, it could signal a dangerous pooling of skills and resources.

How credible do you think their claim of being a unified coalition actually is, given the information we have so far?

It’s hard to say definitively without more evidence, but the idea of a coalition isn’t far-fetched. Hacking groups often collaborate or share tools and tactics on underground forums, especially when they see a mutual benefit in targeting a giant like Google. However, it could also be a branding tactic—a way to amplify fear by invoking the names of notorious groups. Until we see concrete proof of their capabilities or collaboration, like shared code or coordinated attack patterns, I’d approach their claim with cautious skepticism.

What can you tell us about the specific demands this group has made to Google in their ultimatum?

From what’s been reported, they’ve demanded that Google terminate two employees from its Threat Intelligence Group, Austin Larsen and Charles Carmakal. On top of that, they’re insisting that Google completely halt all investigations into their network’s activities. It’s a bold and unusual set of demands, blending personal targeting with a broader push to cripple Google’s ability to track or counter their operations.

Why do you think they’ve zeroed in on these two specific individuals from Google’s Threat Intelligence Group?

It’s likely these individuals have been instrumental in tracking or disrupting the activities of one or more of these hacking groups. Threat intelligence professionals often build detailed profiles of cybercriminal networks, sometimes getting close to identifying key players. Naming them specifically could be an attempt to intimidate or retaliate, or even to send a message to other tech companies that their investigators aren’t untouchable. It’s a psychological tactic as much as a strategic one.

How serious do you consider the threat of leaking Google’s databases, especially since no proof of access has been provided yet?

At this stage, it’s difficult to gauge the seriousness without evidence. The lack of proof—such as sample data or screenshots—suggests this could be a bluff to pressure Google into compliance. However, we can’t dismiss it outright. Even the rumor of a breach can cause reputational damage, and if they do have access, the consequences could be catastrophic. We’re talking about sensitive user data, internal strategies, or even proprietary tech that could be weaponized or sold.

If this data leak turns out to be real, what kind of impact could it have on Google and its users?

The fallout would be immense. For Google, a breach of this scale could erode trust from users and partners, potentially leading to legal battles, regulatory fines, and a hit to their stock value. For users, depending on the data exposed, it could mean compromised personal information, increased risk of identity theft, or phishing attacks. Beyond that, leaked internal data could give competitors or other malicious actors an edge. It’s a ripple effect that could take years to fully address.

There’s mention of a connection to an earlier breach involving Salesforce, a vendor for Google. Can you explain how that fits into this story?

Yes, Google disclosed in August that ShinyHunters, one of the groups allegedly part of this coalition, managed to obtain data through a breach in Salesforce’s systems. Since Salesforce provides services to Google, this incident highlights how third-party vendors can become a weak link in a larger security chain. The breach didn’t occur within Google’s infrastructure, but it still exposed data relevant to them, which could be fueling this ultimatum or providing leverage for the hackers’ claims.

What does this incident with Salesforce tell us about vulnerabilities in third-party vendors and their impact on companies like Google?

It underscores a critical challenge in today’s interconnected tech ecosystem: no matter how secure a company’s own systems are, they’re only as strong as their weakest partner. Vendors like Salesforce handle sensitive data for multiple clients, making them prime targets. If a vendor lacks robust security protocols or fails to patch vulnerabilities, it can open the door to breaches that cascade across their clients. For Google, this is a reminder that vetting and monitoring third-party partners is just as crucial as securing their own infrastructure.

What’s your take on the idea of a supergroup like “Scattered LapSus Hunters” forming in the hacking world?

It’s a concerning development. Individually, these groups—Scattered Spider, LapSus, and ShinyHunters—have already caused significant damage. If they’re truly combining forces, you’ve got a mix of social engineering expertise, aggressive attack methods, and data theft proficiency. That kind of synergy could make them far more effective at penetrating defenses and executing complex, multi-stage attacks. It’s a bit like assembling a cybercrime dream team, and it raises the stakes for everyone in the tech space.

How do you think Google might respond to an ultimatum like this, given the nature of the demands?

I can’t imagine Google capitulating to demands like firing employees or halting investigations—that would set a dangerous precedent and embolden other groups to make similar threats. More likely, they’re doubling down on internal security audits, working with law enforcement, and possibly engaging in behind-the-scenes negotiations or counterintelligence to identify the threat actors. Publicly, they’ll probably remain tight-lipped to avoid giving the group any leverage or attention.

Looking ahead, how might the emergence of collaborative hacking groups change the way big tech companies approach cybersecurity?

It could push companies to adopt a more proactive and collaborative defense strategy. We might see greater investment in threat intelligence sharing between firms, as well as partnerships with government agencies to track and disrupt these networks. There’s also likely to be a stronger focus on resilience—building systems that can withstand or recover quickly from breaches. Finally, I think we’ll see an emphasis on disrupting the economic incentives for hackers, like cracking down on dark web marketplaces where stolen data is sold.

What is your forecast for the future of cyber threats, especially with the potential rise of supergroups like this one?

I think we’re entering an era where cyber threats become more organized and sophisticated, much like traditional crime syndicates. Supergroups, if they become a trend, could operate with near-corporate efficiency, pooling resources and targeting high-value entities with precision. On the flip side, this might galvanize a stronger global response—think international task forces and AI-driven defense systems to predict and neutralize threats. The cat-and-mouse game between hackers and defenders will only intensify, and adaptability will be key for companies to stay ahead.
