Uber, Rockstar, Electronic Arts, Microsoft… behind these hacks, the Lapsus$ group and its blurred outlines

London Police announced on Friday, September 23, the arrest in the Oxford area of ​​a 17-year-old teenager suspected of hacking. The young man, already known to justice, was brought before a judge the next day and charged with two acts of hacking, as well as violating his probation. have informed the British authorities.

If this suspect has not been publicly identified, several elements suggest that he is the author of the attacks that have targeted, in recent weeks, Uber ride sharing company Y rockstar video game studioassigned to the group Lapsus$.

First arrests in March

To understand it, we have to go back to 2021. That year, a first computer attack against the servers of the video game publisher Electronic Arts was claimed by an attacker with the name “4v3”. In one of his last messages, he let it be known that from now on he would use the name “Lapsus $”. A few months later, several attacks were claimed under this new pseudonym, first against Portuguese-speaking organizations and then, starting in March 2021, against major companies in the new technology sector.

Lapsus$ sometimes reclaims his attacks very quickly, as if the group is looking for an explosion more than a profit.

The Lapsus$ group thus affirms the piracy of Microsoft, Samsungnvidia, Ubisoft and Okta. Each time, the modus operandi is similar: attackers exploit stolen identifiers to gain access to their targets’ systems, then leverage this access to steal information accessible on their victims’ sites before broadcasting it on their Telegram channel. Unlike some hacking groups, Lapsus$ does not use particularly sophisticated tools, and its true motivations remain unclear: experienced hackers would take the time to break into a computer system and quietly leak data in an attempt to extort money. its victims, or even to resell the Gained Access, Lapsus$ sometimes asserts its attacks very quickly, as if the group is looking for more of a bang than a profit.

Also read: In the footsteps of Lapsus$, a group of hackers between extortion and boasting

However, the group begins to lie down after a British police operation on March 25, 2022, during which the police announced the arrest of seven teenagers. Two of them, aged 16 and 17, were charged in early April. For many cybercrime observers, one of them is none other than the notorious 4v3, also known under the pseudonyms “White” and “Breachbase” and based in the Oxford area. At the time, he was reportedly brought before a judge at the same court (Highbury Corner Magistrates’ Court) and then released on bail to await trial, according to the Reuters news agency.

You have 43.59% of this article left to read. The following is for subscribers only.

Leave a Comment

Your email address will not be published. Required fields are marked *