Press "Enter" to skip to content

Insights into Lapsus$, as leaders are arrested

The Lapsus$ hacking group has made the headlines this week, particularly around Microsoft and Okta earlier in the week.   Turns out, an England-based teenager may be in charge of it.    Bloomberg with the story.

“Four researchers investigating the hacking group Lapsus$, on behalf of companies that were attacked, said they believe the teenager is the mastermind,” Bloomberg said. However, the teenager, who apparently uses the online aliases “White” and “breachbase,” has not been accused by law enforcement, and the researchers “haven’t been able to conclusively tie him to every hack Lapsus$ has claimed,” Bloomberg said.

The teenager’s mother was unaware.

That’s not to say the gang isn’t dangerous – profiles are coming out, focusing on the other victims, including Nvidia, Samsung, Ubisoft, and the Brazilian Ministry of Health.    That teenager isn’t alone, and Lapsus$ uses a Telegram channel to share information about its attacks – and data stolen from its victims – directly with anyone who is subscribed to it. 

The teen may not be the only one – the reporting identifies another teenager based in Brazil, and the group is noted to be highly skilled.

And continuing the story, the BBC reported that London Police say they have arrested seven teenagers in relation to the gang but will not say if he is one.  From the police: “Seven people between the ages of 16 and 21 have been arrested in connection with this investigation and have all been released under investigation. Our enquiries remain ongoing.”

I’m also referencing a VICE piece that profiles the group.   A key quote “LAPSUS$ abuses the human weaknesses inside companies, such as their IT or customer support. In other cases, they purchase already hacked login tokens from the digital underground. Ordinarily, some cybersecurity professionals may see these as low-level threats. The reality is that sophistication is not the only metric that makes a hacker a security risk. So is their audacity. “

Why do we care?

I talk a lot about the organization of these gangs… well, here’s one a lot less organized.  

That said, it’s that statement about the threat level.      Low-level threats, huh?       Their brazen nature makes them a real threat, and that’s not to be overlooked.      Learning threat modeling is the skill to consider here – and making sure those models constantly take in new inputs.