Ookta reported that LAPSUS$ cyberattack could have affected 2.5% of customers’ data.
On March 24th, London police arrested seven teenagers after LAPSUS$ launched a new ransomware attack on Ookta, an identity and access management company. Researchers have traced back the recent Lapsus$ cyberattack incident to a group of teenagers working for this group. Lapsus$ was in the limelight when it launched a ransomware attack against the Brazilian Ministry of Health in 2021, hacking into COVID-19 data. It got involved in many other cyberattack incidents, targeting many high-profile companies like Nvidia, Samsung, Microsoft, and Vodafone. The incident came to light after LAPSUS$ posted screenshots of OOkta’s apps and systems, earlier this week, using the remote desktop protocol (RDP). OOkta reported that LAPSUS$ cyberattack could have affected 2.5% of customers’ data. According to Ookta, the hacker gained access to companies’ data by breaching into the internal account of a customer support engineer.
The mastermind behind the targets is a 16-year-old!!
LAPSUS$ is pretty much popular in the hacking circles. Cybersecurity firm Check Point describes LAPSUS$ as a “Portuguese hacking group from Brazil” while Microsoft says it has a unique blend of tradecraft that employs sophisticated tactics like targeting with SIM swapping, dark web reconnaissance, phone-based phishing, etc. Even though the group claims the motivation behind the attacks is unclear, it cannot be purely financial for a company that has a strong online presence, with posts like an opinion polls on who should be the next target.
Given its legacy in cybercrime and credentials of hacking top-notch companies, it is interesting to note that the mastermind behind the recent cyberattack is a teenager. Bloomberg reports that the 16-year-old teenager lives at his mother’s house near Oxford, England” and another teenager suspect lives in Brazil. When BBC spoke to the teenager’s father, he said, “I had never heard about any of this until recently. He’s never talked about any hacking, but he is very good at computers and spends a lot of time on the computer. I always thought he was playing games. We’re going to try to stop him from going on computers”, The Verge reports.
As a cybersecurity expert, Brian Krebs’ says, the alleged teen hacker along with other members nicknamed “Oklaqq” or “WhiteDoxbin”, might have also been responsible for the intrusion at Electronic Arts (EA), a game maker company. “The City of London Police has been conducting an investigation with its partners into members of the hacking group. Seven people between the ages of 16 and 21 have been arrested and released under investigation”, Michael O’Sullivan, Detective Inspector of the City of London Police said, according to a report by The Verge.