Fast Links
Over the last month, some of the world’s largest tech companies have been hacked by a group called Lapsus$. Microsoft, Nvidia, Ubisoft, Samsung, and Okta have been the companies hacked, and, unfortunately, these hacks haven’t been minor either.
Nvidia lost sensitive GPU designs, and Microsoft lost gigabytes of necessary source code. These companies haven’t been taking this lying down, though. The initial Bloomberg report states that “Four researchers investigating the hacking group Lapsus$, on behalf of companies that were attacked, said they believe the teenager is the mastermind.”
Ubisoft had reported that they had experienced a “cyber security incident” that had interrupted various services for games and systems, according to their report on the 10th of March.
The teen suspected of the hack in question whose name is not given is a 16-year-old English boy who is believed to be behind most, though not all, of the intrusions. A second suspect that the researchers are investigating is a Brazilian teenager believed to be part of a seven-member group.
Teenagers suspected in the hack
While there are suspects that the researchers are investigating. There have yet to be any formal charges against any suspects. But, of course, several investigation points are interesting in themselves.
The first thing that distinguished Lapsus$ from other groups:
“Unlike most activity groups that stay under the radar, DEV-0537 doesn’t seem to cover its tracks,” Microsoft said in a blog post. “They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations.”
Next, we see how brazen the group is with the Bloomberg report saying:
“Lapsus$ has publicly taunted their victims, leaking their source code and internal documents. When Lapsus$ revealed it had breached Okta Inc., it sent the company into a public-relations crisis. In multiple blog posts, Okta disclosed that an engineer at a third-party vendor was breached and that 2.5% of its customers may have been impacted.”
Still more information to come
Lastly, there have been no comments from any law enforcement agencies regarding the suspected teens behind the hacking. According to the Bloomberg report, after claims of hacking Okta, the group suggested they would be taking a break,
“A few of our members has a vacation until 30/3/2022. We might be quiet for some times,” the hackers wrote in its Telegram channel. “Thanks for understand us. – we will try to leak stuff ASAP.”