Teen from England mastermind behind Lapsus$ hacker group
Cybersecurity researchers from Microsoft and Nvidia traced the recent Lapsus$ hacks on these companies to a teenager in Oxford. The sixteen-year-old is said to still live with his mother but is the mastermind behind the attacks. Bloomberg reports this.
Investigators traced some major hacks to the teen in recent months using forensic clues within the companies. They also relied on public information, such as information on social media.
In total, the research group identified seven unique accounts within Lapsus$. In addition to the teenager in England, a teenager from Brazil is associated with the hacker group. Authorities have not yet charged these teens.
At first, the cybersecurity researchers believed that much of Lapsus$’s hacks were automated. However, the teenager turned out to be working manually. He is simply very skilled and fast.
Lapsus$ is also known for its brutality. For example, the hackers make fun of their victims online when they leak source codes or internal documents. They even go so far as to invade Zoom calls between employees of the affected companies.
Hackers collective itself not properly secured
Online, the teen is known by the aliases ‘White’ and ‘breachbase’. However, his real identity has not been well protected. Two of the researchers stated that the entire Lappus$ group lacks operational security. Cybersecurity companies can very easily retrieve personal information from members.
Microsoft writes in a blog post: “Unlike most hacker groups that remain hidden, DEV-0537 does not seem to be hiding its tracks”. DEV-0537 is the name Microsoft has given to Lapsus$. Microsoft further states that the group “even announces their attacks on social media or advertises their intent to buy credentials from employees of the target organization.”
Personal information of the Oxford teenager was also available online. Other hackers have leaked his address and information about his parents, among other things. Bloomberg tracked down the hacker’s mother for an interview based on this information.
Conversation with the mother
The woman herself said she was not aware of the allegations against her child. She was very concerned that videos and photos of her house and the house of her son’s father were circulating on the internet.
She confirmed that the alleged hacker lived with her. Her child would also be harassed by others at home. However, she could not confirm or deny many other leaked details. She also refused to go into a formal interview or an interview with her child. She will contact the police first.
Official agencies, namely the National Crime Agency in the United Kingdom, the Thames Valley Police in Oxford, and the FBI in the United States, declined to respond.
Lapsus$ on vacation
After the hack on authentication software company Okta earlier this week, Lapsus$ suggested the group is taking a break. On Telegram, one member says: “Some of our members are on vacation until 3/30/2022. We can be quiet for a while. Thank you for understanding. We will try to leak things as soon as possible.”
Update (April 4, 2022): In late March, British police arrested seven teenagers who may have had connections with the hacking group Lapsus$. Two of them had to answer to a court in London last week, BBC News reported. According to the British news channel, the boys are still in custody.
Catch up on more articles here
Follow us on Twitter here