Teens in the UK arrested in relation to Lapsus$ cybercrime gang

24 Mar 2022

Image: © weerapat1003/Stock.adobe.com

A teenage boy from Oxford is suspected to be one of the masterminds behind the gang that has claimed several major hacks in recent weeks.

Following a string of cyberattacks against a number of major tech players, authorities in the UK have arrested several people in connection with cybercriminal gang Lapsus$.

According to BBC News, the City of London police said seven people between the ages of 16 and 21 were arrested and have since been released under investigation.

Yesterday (23 March) Bloomberg reported that security researchers had traced the attacks to a teenager living with his mother near Oxford in England. He is suspected to be the mastermind behind several attacks, but it is not yet known if he is among the seven who were arrested.

The teen goes by the online aliases ‘White’ and ‘breachbase’. Cybersecurity researchers tied him to the hacking group using forensic evidence from the hacks along with publicly available information.

Investigative journalist Brian Krebs, who is known for his coverage of cybercrime, took a closer look at the Lapsus$ group this week. Allison Nixon, the chief research officer at cybersecurity consultancy Unit 221B, told Krebs that the suspected teenage mastermind was doxed, or outed, on a hacker website after getting on the wrong side of a particular hacking community.

However, cybersecurity researchers had already been tracking the teen for some time before the doxing occurred.

Lapsus$ hacks

The Lapsus$ group is relatively new but has been making waves in recent weeks for claiming to be behind a string of high-profile hacks.

In February, chipmaker Nvidia suffered a cyberattack that was claimed by Lapsus$. The group said it had files on Nvidia GPU drivers, which could allow hackers to turn every Nvidia GPU into a bitcoin mining machine.

A week later, the group claimed that it leaked almost 190GB of data from Samsung. Last week, it sent a smirking face emoji to a news link related to the recent Ubisoft hack, which could be the group taking responsibility for that cyberattack.

Its most recent hacking claims were related to Okta and Microsoft earlier this week. Both companies confirmed data breaches on Tuesday (22 March).

According to Krebs’ in-depth report into the group, at least one member of Lapsus$ may also have been involved in the cyberattack on game maker EA last year, which saw hackers making off with source code for some games.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Jenny Darmody is the editor of Silicon Republic

editorial@siliconrepublic.com