Acybercrimegang calledLapsus$ is tearing through tech giants around the world.
Their brazen tactics have attracted a large following and some powerful enemies.
Heres what we know about the digital extortionists.
Who are theLapsus$hackers?
Lapsus$ firsthit the headlines last Decemberafter taking credit for an attack on Brazils health ministry.
It’s free, every week, in your inbox.
50 Tb of data is in our hands.
Contact us if you want the data back.
The group showed an early preference for Portuguese-speaking targets and an apparent desire for attention.
The group has sent messages in Brazilian Portuguese and is believed to operate out of South America.
One Lapsus$ member was allegedly doxxed as a 16-year-old-boy living in the UK.
While the gangs attacks are frequent and their victims high-profile, their tactics have beendescribed as amateurish.
The LAPSUS$ ransomware group appear to be incredibly inexperienced with OPSEC.
We can tell by looking at the timestamp of the files in their leak.
What are their tactics?
Lapsus$ is frequently described as a ransomware group, but its methods are more akin to data extortion.
Microsoft saidgang members usea pure extortion and destruction model without deploying ransomware payloads.
They typically focus on compromising user identities to access an organization.
They also target organizations by recruiting company employees who can provide access to sensitive data.
Lapsus$ hasoffered payments for insider accesson the groups Telegram channel.
The groupsother suspected methodsinclude DNS spoofing attacks, SIM-swapping, and phishing campaigns.
Who are their targets?
The groups early focus on Portuguese-language organizations has now expanded globally.
The latest victim is authentication firm Okta.
In the Lapsus$ Telegram channel, members shared screenshots that showed Oktas internal systems.
While Bradbury told customers that no corrective actions were necessary, Oktas response has been criticized.
Shares in the company fell 10.5% on Wednesday,Reuters reports.
How can we stay safe?
The Lapsus$ crime spree has left many organizations fearful that theyll be the next targets.
Story byThomas Macaulay
Thomas is the managing editor of TNW.
He leads our coverage of European tech and oversees our talented team of writers.
Away from work, he e(show all)Thomas is the managing editor of TNW.
He leads our coverage of European tech and oversees our talented team of writers.
Away from work, he enjoys playing chess (badly) and the guitar (even worse).
