Recently, several tech companies have been targeted by hacker attacks that have been claimed by a group known as Lapsus$ – some targets include Ubisoft, Samsung, and Okta. These breaches were not small, Nvidia, for example, lost secret GPU designs and Microsoft had gigabytes of source code stolen.
Since they appeared, many security companies have been trying to find out who is behind everything. Now, cybersecurity researchers investigating the attacks claim they have found the possible “brain” behind it all – and that he is a teenager of 16 years who lives in England.
According to a Bloomberg report, researchers investigating the group reveal that the young man may be behind most, but not all, attacks. This is because the group is believed to have at least seven other members – one of them is a Brazilian teenager who is also being investigated.
Returning to the English boy, he was only named as a suspect after rival hackers allegedly shared information about the teenager online. This data includes his address and details about his parents. Of course, none of this has been revealed to the public, except that he uses the pseudonyms “White” and “breachbase”.
Photo: BA/Pixabay
In pursuit of fame…
Some researchers believe that the group is not just motivated by money, but also by notoriety. This became clear the moment Lapsus$ started not covering its tracks. They publish information about their accomplishments and even advertise that they buy logins and passwords from company employees.
It is worth mentioning that, although investigators have drawn up a list of suspects, no one has actually been charged with the break-ins. However, some shared details cite some characteristics of how the group acts.
In the first one, they claim that the 16-year-old is so good at what he does that “researchers initially thought the activity was fully automated”. Additionally, in a statement, Microsoft said the hackers are carrying out a “large-scale social engineering and extortion campaign” as they always seek “company insiders to help with their hacks.”
Image: Soumil Kumar/Pexels
Finally, they seem to want to provoke the hacked companies by using the login of compromised employees to enter Zoom calls with the victims, “where they provoke employees and consultants”.
Until the charges are formally made, security researchers are still looking for information to link the attacks to the two aforementioned youths, as well as the rest of the group.
