According to HackRead, the notorious hacking group ShinyHunters is claiming its official clearnet domain has been suspended, sparking speculation that the action may be linked to its recent attacks, including the compromise of Instructure's Canvas LMS platform.The group's domain, shinyhunte.rs, went offline on Monday, May 11, 2026, leading to rumors of law enforcement seizure, potentially involving the FBI. This outage follows ShinyHunters' claim of responsibility for defacing the Canvas LMS, a system used by numerous universities globally, which caused disruptions for students. While the .rs domain was primarily used for announcements, the group's actual data leaks, including those from previous Salesforce breaches, were hosted on a separate dark web (.onion) site. ShinyHunters stated that the suspended domain is no longer under their control and warned users against trusting it, announcing all future communications will exclusively occur on their onion domain.The .rs domain is Serbia's country code top-level domain, managed by the Serbian National Internet Domain Registry. While domain suspensions are common for cybercrime, it is unclear if Serbian authorities acted independently or at the request of foreign agencies. The group's shift to exclusively using its onion-based infrastructure indicates a move towards enhanced operational security and reduced exposure following increased attention.Source: HackRead
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




