Connect with us

Hi, what are you looking for?

Cyber Security

Lapsus$ teen hackers convicted of high-profile cyberattacks

A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole data from them, and demanded a ransom threatening to leak the information.

Believed to be one of the leaders of the group, Arion Kurtaj, from Oxford, England, was arrested twice in 2022, first in January and then again in March, in connection with Lapsus$ hacking activity.

He is on trial for breaching fintech company Revolut, ride-sharing service Uber, and game developer Rockstar Games.

High-profile organizations impacted by Lapsus$ also include MicrosoftCiscoOktaNvidiaT-MobileSamsungVodafoneUbisoft, 2K, and Globant.

Leaking data while on bail

Kurtaj is autistic and was not deemed fit to be in court. However, a jury was asked to determine if he was responsible for the alleged hacking activity, disregarding criminal intent.

The teenager is believed to have breached the City of London Police cloud storage after he was arrested in connection with the attack on mobile operator EE.

It is alleged that after that with the help of some Lapsus$ members, Kurtaj targeted Revolut, Uber, and Rockstar Games, demanding millions of U.S. dollars in ransoms.

Using the handle ‘teapotuberhacker’ and while on bail at a hotel, Kurtaj leaked gameplay videos from the unreleased Grand Theft Auto 6, obtained after breaching the game developer’s Slack server and Confluence wiki.

Kurtaj used more than a dozen online names, White and Breachbase among them, and is believed to have made more than 300 BTC from his hacking activity, SIM-swapping included.

Most of the money was lost to gambling or hackers that breached White’s computer, allegedly twice.

Kurtaj is not the only teenager on trial for Lapsus$-related hacking activity. Another member of the gang, a 17-year-old also suffering from autism, has been convicted for breaching companies as well.

Despite being a loosely organized group of mostly teenagers, Lapsus$ managed to breach organizations with a strong sense of security.

Skilled actors still get caught 

A recent report from the U.S. government notes that the gang used low-cost techniques to reveal “weak points in our cyber infrastructure.”

The members of the group took SIM-swapping to the next level by paying $20,000 a week for access to a telecommunication provider’s platform, which allowed them to hijack targeted phone numbers and obtain one-time passcodes to various accounts.

Lapsus$ activity spread from 2021 to 2022 and involved individuals from the U.K. and Brazil who used social engineering and hacking techniques of various complexity to breach companies for fame, financial game, and fun.

Advertisement. Scroll to continue reading.

Last year in September Lapsus$ activity died, as law enforcement started arresting multiple members of the group: multiple individuals in the U.K. [12] and another one in Brazil.

Source: https://www.bleepingcomputer.com/news/security/lapsus-teen-hackers-convicted-of-high-profile-cyberattacks/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

The Ragnar Locker ransomware gang has claimed responsibility for an attack on Israel’s Mayanei Hayeshua hospital, threatening to leak 1 TB of data allegedly...

Cyber Security

Riot Games, the video game developer and publisher behind League of Legends and Valorant, says it will delay game patches after its development environment...

Cyber Security

Florida man Nicholas Truglia was sentenced to 18 months in prison on Thursday for his involvement in a fraud scheme that led to the...

Cyber Security

A new social engineering campaign by the notorious North Korean Lazarus hacking group has been discovered, with the hackers impersonating Coinbase to target employees in...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO