A British teenager behind the dreaded cybercriminal group?

It is hard to believe, but according to Bloomberg, several cybersecurity experts believe that a 16-year-old living with his mother near Oxford could be one of the masterminds of the Lapsus$ group. The group appeared at the end of 2021, and the list of its victims is dizzying: Nvidia, Samsung, Vodafone, Ubisoft, Microsoft…

Lapsus$ is gifted, but leaves traces

“Some of our members are on vacation until March 30. We’re going to be quieter for a while. Thank you for your understanding – we will try to disclose things as soon as possible.” This message is the last sent to the 50,000 subscribers of Lapsus$’s Telegram account, on March 23.

[Image: screenshot of the Lapsus$ group's Telegram channel. Caption: "The rest of the brave." Source: Telegram]

The day before, the group revealed a new hack with potentially disastrous consequences: that of the Okta authentication and identity management platform. After such feats of arms, a few days of rest seem well deserved.


Could this period of inactivity be hiding something else, such as the identification of some of the group's members? Microsoft published a note on the group, which it calls DEV-0537, stating: “Unlike most activity groups that stay under the radar, DEV-0537 doesn’t seem to cover its tracks.”

This inability to hide has reportedly allowed cybersecurity experts to partially trace the group. According to them, seven unique accounts can be associated with Lapsus$. Two people, linked to certain attacks, emerge from this tracking: a teenager living in Brazil and one from Oxford, England.

In the case of the latter, a group of competing hackers had already exposed his identity, address and other personal information, enough for Bloomberg to knock on the door of the budding cybercriminal's mother. She said she was unaware of her son’s alleged activities.

Lapsus$ has puzzled, and continues to puzzle, many cybersecurity researchers. The cyberattacks it carried out were so effective that the possibility of automated activity was raised for a time. To breach companies, Lapsus$ reportedly used social engineering and even publicly offered to pay employees of its targets for internal access.

Suspicions not yet confirmed

These two points aside, its methodology remains relatively classic: steal sensitive information from a company, lend credibility to the claim by publishing extracts, then demand a ransom in exchange for not disclosing the remaining data.

However, the group has distinguished itself on several occasions. It demanded, as a ransom from Nvidia, that the company's graphics chips no longer be restricted for cryptocurrency mining. Bloomberg also reveals that, provocatively, some of its members reportedly invited themselves into their victims' Zoom meetings.

It is not unusual for hackers to show a certain eccentricity, and this is no clue as to their age. Lapsus$ remains shrouded in a certain aura of mystery. Authorities declined to comment on Bloomberg’s disclosures. The British teenager, for his part, has not, for the moment, been troubled by the police.
