Investigators believe there is a teenage boy behind the “Child & &” attacks.
Adobe Stock / AOP
The hacker group “Lapsus &” has terrorized several large technology companies in recent weeks. The list includes Microsoft, Nvidia, Samsung, Ubisoft and the certification company Okta.
Microsoft confirmed on Wednesday that attackers had access to the 37-gigabyte source code of the Bing search engine and artificial intelligence assistant Cortana. “Lapsus &” claimed that this was about 45 percent of the product source code.
“Lapsus &” tried to blackmail Microsoft into paying ransom, which the company probably refused to pay because hackers leaked the source code online. However, Microsoft reassured people in its bulletin stating that leakage of the code will not lead to security risks as it does not include sensitive material in this regard.
The cloud services company Okta also admitted that the attackers of “Lapsus &” had gained access to the secret information. The attackers had apparently been able to break into the company’s support person’s machine in January, through which they had access to customer data.
The hacking concerns Oktan by about 2.5 percent of the company’s total customers, or about 370 customers. The company has said that it has been in contact with its customers affected by the breach.
As the leader of the attacks, my Englishman?
Security professionals have tried to catch members of “Lapsus &”. Now, apparently, progress has been made, as researchers working on behalf of the companies say they have tracked down one of the main hackers. This is apparently a 16-year-old Oxford boy living with his mother, Bloomberg news.
Investigators have identified seven accounts related to the hacker group, one of which is linked to another teenage boy in Brazil. However, the British are believed to have been responsible for the group’s biggest attacks.
According to Bloomberg, the search for the English hacker was facilitated by the fact that the competing hackers had apparently published information about the young man on the network, including his address and information about his parents. The hacker has used the nicknames “White” and “Breachbase”.
White has been reported to be so adept and fast at hacking that researchers have previously thought the attacks were automated.
“Lapsus &” has clearly sought attention with its attacks, as it has been openly reported on social media. In addition to money alone, the reputation also seems to appeal to attackers.