7 suspected members of the Lapsus$ hacker group arrested in the UK

British police have arrested seven people suspected of belonging to the Lapsus$ hacker group, responsible for attacks on major technology companies, among them Microsoft, Samsung, Okta and Nvidia. Few details about the arrests are known, according to The Register, apart from the age range of those arrested, who are very young: between 16 and 21 years old. In fact, all suspicions indicate that one of its leaders, from Oxford, is only 16 years old.

London Police have confirmed the arrests, “in connection with an investigation into a hacking group”, and point out that those arrested have since been “released under investigation” while the investigation continues.

As for the minor suspected of being the leader of Lapsus$, whose identity cannot be revealed for legal reasons, he has apparently made about 14 million dollars from his online criminal activities. Everything indicates that his personal information was leaked on the Internet after he apparently fell out with his partners in crime. Several security companies had apparently been tracking him for a few months, but they have not confirmed whether the leader of Lapsus$ is the arrested teenager.

This group of hackers has gained a lot of notoriety in recent months for its brazen tactics and its propensity to brag about its accomplishments on Telegram. Its usual modus operandi is to infiltrate the network of a large, prominent target and then make demands, usually for money, in exchange for not making public the material obtained from the victim's network. Of course, paying does not guarantee that the attackers will not publish what they have stolen, because in many cases they do, at least in part.

At the beginning of the investigations, everything pointed to the members of Lapsus$ being in Brazil, because among its first victims were the Brazilian Ministry of Health and the Portuguese-language media outlets SIC Noticias and Expresso. Alarm bells rang last February, when the group stole 1 TB of data from Nvidia, which included company credentials and proprietary information, and posted some of it online. A few days later, the group claimed that it had accessed Samsung's network and stolen 190 GB of internal files, with data that included the source code of its Galaxy devices. In addition, the group claims to be responsible for a security incident that Ubisoft also suffered.

Microsoft has been its latest victim, along with the Okta authentication platform. The Redmond company has confirmed the theft of part of the source code of several of its products, and believes that the group seems to act «motivated by theft and destruction».

But unlike other groups, this one, which Microsoft has called DEV-0537, does not appear to cover its tracks: it goes from announcing its attacks on social media to going public with its attempts to obtain credentials from employees at targeted organizations. It obtains access by various means: social engineering, SIM swapping, access to employee email accounts, or paying employees and suppliers of organizations for access to credentials and for access through the companies' multi-factor authentication systems. Its members also infiltrate their targets' crisis communication calls.
