On March 24th, London police arrested seven teenagers after LAPSUS$ launched a new ransomware attack on Ookta, an identity and access management company.
Researchers have traced back the recent Lapsus$ cyberattack incident to a group of teenagers working for this group.
Lapsus$ was in the limelight when it launched a ransomware attack against the Brazilian Ministry of Health in 2021, hacking into COVID-19 data.
It got involved in many other cyberattack incidents, targeting many high-profile companies like Nvidia, Samsung, Microsoft, and Vodafone.
The incident came to light after LAPSUS$ posted screenshots of OOkta’s apps and systems, earlier this week, using the remote desktop protocol (RDP).
OOkta reported that LAPSUS$ cyberattack could have affected 2.5% of customers’ data.
According to Ookta, the hacker gained access to companies’ data by breaching into the internal account of a customer support engineer.
LAPSUS$ is pretty much popular in the hacking circles. Cybersecurity firm Check Point describes LAPSUS$ as a “Portuguese hacking group from Brazil”
While Microsoft says it has a unique blend of tradecraft that employs sophisticated tactics like targeting with SIM swapping, dark web reconnaissance, phone-based phishing, etc.
Even though the group claims the motivation behind the attacks is unclear,
It cannot be purely financial for a company that has a strong online presence, with posts like an opinion polls on who should be the next target.
Thanks For Reading!