Last month A number of the world’s largest tech companies have been hacked by a group called Lapsus$, including MicrosoftNvidia, Ubisoft, Samsung and Oct. These were not minor violations either; Nvidia lost sensitive GPU designs and Microsoft gigabytes of important source code. Now a report claims that the “mastermind” behind the hacks is a teenager living “at his mother’s house” in England.
One story further Bloomberg says that “researchers investigating the hacking group Lapsus$ on behalf of companies under attack” are focusing their efforts on a 16-year-old English boy believed to be behind most, if not all, of the intruders. These researchers are also studying a Brazilian teenager and believe there are at least seven members of the group in total, although details of any of the other hackers have not been released.
It is important to note here that while private investigators compiled this list of suspects, no one has been formally charged by the authorities. Still, the information shared by these cybersecurity researchers is very interesting:
- They believe the prime suspect, the 16-year-old from England, was so good that “researchers initially thought the activity they observed was automated.”
- According to Microsoft, the group, which is conducting a “large-scale social engineering and extortion campaign against multiple organizations,” was so successful in part because it was able to “recruit insiders from affected companies to help them with their hacks.” ”
- It is outrageously alleged that members of Lapsus$ used compromised employee information to log into Zoom calls held by their victims “where they taunted employees and consultants trying to clean up their hack”.
Cybersecurity researchers say they were able to identify the two teenagers so quickly because, for all their offensive skills, “the group suffers from poor operational security.”