Nvidia, Samsung, Ubisoft, Microsoft and possibly even the video game giant EA sports. List of targets affected by cybergang Lapsus $ in recent months is full of prestigious prizes. Trophies that may be hanging in the room of some English teenager, very good with computers but not fast enough to escapeintelligence in the UK. seven men between 16 and 21 years old They were arrested in London on suspicion of being linked to the $ Lapsus group. This was confirmed by Inspector Michael O’Sullivan of the London Police, who in a statement to the edge He said: ‘The City of London Police have conducted an investigation with their partners regarding members of a hacker group. seven people aged i 16 and 21 years old related to this investigation. Now they have been released, but they are all still under investigation.”
Before these arrests always the UK one 16 years He had been accused of being the mastermind of the group. According to a report published by Bloomberg It was identified by a team of researchers hired by the companies attacked by Lapsus$. According to the profile placed in this analytics, the boy would be a former administrator of Doxbin, a portal for searching and sharing people’s private information. Before the location directory was released, the boy had posted the entire Doxbin archive via Telegram. London police did not clarify whether this individual was also involved in the arrests linked to the investigation into the Lapsus$ group.
Some doubts that Lapsus$ champions were newbies had already arrived. The first action was registered last December against the Brazilian Ministry of Health. The blow was severe: 50 TB Internal data has been copied and deleted from all systems. In January, it received another blow to a company that deals with media production, this time in Portugal. Then came the measures against big technology And above all the details that made us think of one Internet gang He was just starting to move in this world. The March 22 Expert researcher in cyber security Bill Demicarby He posted an analysis showing that $Lapsus posted the hit announcement at Microsoft while data mining was still in progress. Not exactly the best way to not get caught.
Methods Gang Then it will depend on the way things work the pirate Which passes more people than computers. The group operates a Telegram channel which, as we write, has come 50 thousand subscribers. Here not only the most important visits are announced, but also direct interaction with those who want to support the group. The last message dates back to a few hours ago: “We’ve noticed several users impersonating $Lapsus employees. Remember that anyone claiming to be Lapsus$ is most likely a fake. The only public username is @Lapsusjobs where you can work as an internal user and get paid.”
In this group are contacted people who help criminals in their actions. The strategy used by Lapsus$ actually goes through from the inside, contacts who can publish information directly from the respective companies. These people are contacted within the chat, trained and paid to pass all the keys and procedures for copying or deleting data to criminals. A completely different mechanism than that of ransomware, which is malware created to infiltrate computer systems independently, block data and then demand a ransom.
Cover Photo: www.freepik.com
“Incurable internet trailblazer. Troublemaker. Explorer. Professional pop culture nerd.”