Data Breaches & Cyber Attacks
LAPSUS$ Cyber-Attacks
LAPSUS$ is a relatively new threat actor group who is responsible for cyber-attacks on OKTA and Microsoft, as announced this month. LAPSUS$ is also tied to cyber-attacks against NVIDIA, Samsung, and Vodafone, where the group posted screenshots showing evidence of those successful attacks.
A key bit of information provided by the LAPSUS$ attacker group regarding the OKTA breach is that they are looking for credentials and access for MSPs and MSSPs that use OKTA. This is no doubt so that they can have inroads into those organizations, and compromise their clients.
LAPSUS$ has screenshots showing evidence of their successful attack on Microsoft, and as their Telegram post shows, they have access to Microsoft source code for Bing and Cortana.
It appears that LAPSUS$ makes heavy use of social engineering attacks such as phishing to compromise credentials and gain access to target organizations.
Microsoft said LAPSUS$ has been known to target the personal email accounts of employees at organizations they wish to hack, knowing that most employees these days use some sort of VPN to remotely access their employer’s network.
Possible Arrest of LAPSUS$ leader: A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$.
The BBC is reporting the arrest of a 16-year-old from Oxford, who amassed a $14m fortune through hacking.
https://www.bbc.com/news/technology-60864283