Lapsus$ reign of terror might be over, UK police arrest 16 year old teen as leader and 6 others in connection

Master Disaster

Coming from the BBC, it seems as though rival groups might have gotten a little jealous of Lapsus$ and have offered up the names of the group members to police in the UK. Accused of being the ringleader is a 16 year old from Oxford who apparently amassed £10m in cryptocurrency from the group's endeavours. Given he is still a minor we won't find out his real name until it goes to court; however, his online name is apparently "White".

Quote

A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$.

 

The teenager, who is alleged to have amassed a $14m (£10.6m) fortune from hacking, has been named by rival hackers and researchers.

London police have confirmed they have made seven arrests but refused to confirm any other details.

Quote

City of London Police say they have arrested seven teenagers in relation to the gang but will not say if he is one.

 

The boy's father told the BBC his family was concerned and was trying to keep him away from his computers.

 

Under his online moniker "White" or "Breachbase" the teenager, who has autism, is said to be behind the prolific Lapsus$ hacker crew, which is believed to be based in South America.

Source - https://www.bbc.co.uk/news/technology-60864283

 

Holy shit man, if it turns out a 16 year old was behind the hacks of so many large corps 😮

Main Rig:-

Ryzen 7 3800X | Asus ROG Strix X570-F Gaming | 16GB Team Group Dark Pro 3600Mhz | Corsair MP600 1TB PCIe Gen 4 | Sapphire 5700 XT Pulse | Corsair H115i Platinum | WD Black 1TB | WD Green 4TB | EVGA SuperNOVA G3 650W | Asus TUF GT501 | Samsung C27HG70 1440p 144hz HDR FreeSync 2 | Ubuntu 20.04.2 LTS |

 

Server:-

Intel NUC running Server 2019 + Synology DSM218+ with 2 x 4TB Toshiba NAS Ready HDDs (RAID0)


4 minutes ago, Master Disaster said:

Holy shit man, if it turns out a 16 year old was behind the hacks of so many large corps 😮

Honestly, wouldn't surprise me if it were. But still.. well done kid. Hopefully he gets head hunted by one of the companies he "pwned".


This sorta makes me sad as someone as talented as them to be able to hack that well at that age they could have easily made a lot of money using legit means. Hopefully they will be treated as a minor as I think they could easily be rehabilitated.


8 minutes ago, Master Disaster said:

Holy shit man, if it turns out a 16 year old was behind the hacks of so many large corps

Just shows how little these corps care about security, it's just an expense they would rather cross out...


So...

What happens to that demand for open source NVidia drivers?

Or the Unreal Engine source code?

elephants


9 minutes ago, FakeKGB said:

So...

What happens to that demand for open source NVidia drivers?

Or the Unreal Engine source code?

Clearly they're not very smart.

 

My guess at this point is that whoever gets arrested turns in their lackeys for a more lenient punishment.

 

This is really all standard script kiddie rage behavior. Keep doing things, brag about it, you're untouchable, oh wait, no you're not /s.

 

At any rate the clock is ticking. Everyone the "ringleader" was in contact with better skip town.

 


9 minutes ago, Kisai said:

This is really all standard script kiddie rage behavior.

Agree to disagree on that. This group went far beyond "script kiddie" levels, they penetrated Nvidia, Samsung, Microsoft and others to the point of dumping terabytes of data.

 

LulzSec and Lizard Squad were a bunch of script kiddies, running DDoS attacks from hired botnets to take down services etc etc.


26 minutes ago, FakeKGB said:

So...

What happens to that demand for open source NVidia drivers?

Nvidia claimed to have reversed the hack, gained access to their systems and wiped all the data. OFC Lapsus$ claimed BS and released the LHC code but my guess, Nvidia probably did wipe most of their stolen code.

26 minutes ago, FakeKGB said:

Or the Unreal Engine source code?

UE is open source, it's on GitHub, the only requirement is you create an Unreal developer account.

 

https://github.com/EpicGames


37 minutes ago, FakeKGB said:

Or the Unreal Engine source code?

that's literally public information, just make an Unreal dev account and get it off of GitHub

I could use some help with this!

please, pm me if you would like to contribute to my gpu bios database (includes overclocking bios, stock bios, and upgrades to gpus via modding)

Bios database

My beautiful, but not that powerful, main PC:

prior build:


Even if they're found to be involved, the hacking won't stop as long as the method they used can still be exploited. If not them, someone else could do the same. How did they get in, and can those holes be plugged? I feel the era of remote working is providing more opportunities.

Gaming system: R7 7800X3D, Asus ROG Strix B650E-F Gaming Wifi, Thermalright Phantom Spirit 120 SE ARGB, Corsair Vengeance 2x 32GB 6000C30, RTX 4070, MSI MPG A850G, Fractal Design North, Samsung 990 Pro 2TB, Acer Predator XB241YU 24" 1440p 144Hz G-Sync + HP LP2475w 24" 1200p 60Hz wide gamut
Productivity system: i9-7980XE, Asus X299 TUF mark 2, Noctua D15, 64GB ram (mixed), RTX 3070, NZXT E850, GameMax Abyss, Samsung 980 Pro 2TB, random 1080p + 720p displays.
Gaming laptop: Lenovo Legion 5, 5800H, RTX 3070, Kingston DDR4 3200C22 2x16GB 2Rx8, Kingston Fury Renegade 1TB + Crucial P1 1TB SSD, 165 Hz IPS 1080p G-Sync Compatible


50 minutes ago, Master Disaster said:

Agree to disagree on that. This group went far beyond "script kiddie" levels, they penetrated Nvidia, Samsung, Microsoft and others to the point of dumping terabytes of data.

A broken clock is right twice a day. For all we know these kiddies attacked 1000's of companies, and have only a 0.03% success rate.

 

50 minutes ago, Master Disaster said:

LulzSec and Lizard Squad were a bunch of script kiddies, running DDoS attacks from hired botnets to take down services etc etc.

Indeed, a lot of "hacking" that makes the news is just, isn't. It's just a collective of people who think they're a genius for finding a hacking tool in the wild. Most of these people literally do not know what they are playing with. The people that do, wouldn't advertise the fact, and keep their cards close to their chest.

 


49 minutes ago, Helpful Tech Wiard said:

that's literally public information, just make an Unreal dev account and get it off of GitHub

Yeah I know, I was trying to make a joke


1 hour ago, jagdtigger said:

Just shows how little these corps care about security, it's just an expense they would rather cross out...

?????????

 

From what I know, they were mostly using social engineering tactics, were compromising personal accounts of employees, doing SIM swapping, and were even offering tens of thousands of dollars to employees for "inside jobs" ... not sure how that has to do with a corporation not caring about their security.

 

You can have great security, but if you have employees with high access not being careful, then all that security isn't worth much.

If you need help with your forum account, please use the Forum Support form !


2 hours ago, WkdPaul said:

From what I know, they were mostly using social engineering tactics, were compromising personal accounts of employees, doing SIM swapping, and were even offering tens of thousands of dollars to employees for "inside jobs" ... not sure how that has to do with a corporation not caring about their security.

 

You can have great security, but if you have employees with high access not being careful, then all that security isn't worth much.

But that's still on the companies then - depending on how good their security actually is. IF (?) employees with access to high level security stuff (which this sounds it actually is) just need an email /pw to log in (which this also kinda sounds like) then this is just very poor "security" not even worthy the name.

These employees should all be using finger prints and retina scanners at the very least…

 

On the other hand I have to wonder if it's that easy to get access by a bit of SIM swapping and bribing some employees why this didn't happen much earlier and more often - definitely curious - and I'm not sure if it's that easy, but again, that would point to very lax security.

 

 

The direction tells you... the direction

-Scott Manley, 2021

 


3 hours ago, WkdPaul said:

?????????

 

From what I know, they were mostly using social engineering tactics, were compromising personal accounts of employees, doing SIM swapping, and were even offering tens of thousands of dollars to employees for "inside jobs" ... not sure how that has to do with a corporation not caring about their security.

 

You can have great security, but if you have employees with high access not being careful, then all that security isn't worth much.

If you couldn't be arsed to properly educate your employees and efing forget about SMS auth then your security is like swiss cheese.....


5 hours ago, Kisai said:

This is really all standard script kiddie rage behavior.

 

4 hours ago, Master Disaster said:

Agree to disagree on that. This group went far beyond "script kiddie" levels, they penetrated Nvidia, Samsung, Microsoft and others to the point of dumping terabytes of data.

I already asked at another occasion what exact role age and means of attack play when they are as successful as they are, to which I so far did not receive a reply.


1 hour ago, Mark Kaine said:

But that's still on the companies then - depending on how good their security actually is. IF (?) employees with access to high level security stuff (which this sounds it actually is) just need an email /pw to log in (which this also kinda sounds like) then this is just very poor "security" not even worthy the name.

These employees should all be using finger prints and retina scanners at the very least…

 

On the other hand I have to wonder if it's that easy to get access by a bit of SIM swapping and bribing some employees why this didn't happen much earlier and more often - definitely curious - and I'm not sure if it's that easy, but again, that would point to very lax security.

 

 

Bro seriously SMS authentication is pathetic at this point. Any company stupid enough to use it has got problems. Everyone at a company should have a Titan security key device. The amount of protection that brings is way beyond many other options.


Specs: Motherboard: Asus X470-PLUS TUF gaming (Yes I know it's poor but I wasn't informed) RAM: Corsair VENGEANCE® LPX DDR4 3200Mhz CL16-18-18-36 2x8GB

            CPU: Ryzen 9 5900X          Case: Antec P8     PSU: Corsair RM850x                        Cooler: Antec K240 with two Noctura Industrial PPC 3000 PWM

            Drives: Samsung 970 EVO plus 250GB, Micron 1100 2TB, Seagate ST4000DM000/1F2168 GPU: EVGA RTX 2080 ti Black edition


8 hours ago, williamcll said:

Can we all appreciate how great the name "crackas with attitude" is. Obviously referencing NWA and cracka which is black gang slang for someone who is untrustworthy (or as Ryder would put it, a busta) while also being relevant to what they were doing (cracking).

 

Pretty genius 😄


So much for honor among thieves. As soon as someone offers more money to expose you than you offer people keeping you hidden, you're done. Still amassing over $14m as a 16 year old is impressive, even if it's obtained in illegal ways. The money will probably be confiscated and after he's out of whatever punishment he gets he'll probably start over and be more careful.

 

Imagine you as a parent find out that your autistic son made so much money without you noticing it and just using his computer at home.

If someone did not use reason to reach their conclusion in the first place, you cannot use reason to convince them otherwise.


On 3/24/2022 at 12:47 PM, WkdPaul said:

 

You can have great security, but if you have employees with high access not being careful, then all that security isn't worth much.

Many companies have people with control-issues that will demand access to absolutely everything, and these are the people routinely phished. Go directly for the blowhard who seeks attention in the company, because they crave it.

 

I'm sure Elon probably gets phished a lot.

 


noooo

 

well hopefully he'll get a small sentence

Developer and student lulw

I mainly use C#, but i also know Java, C/C++, js and i'm learning x86 Assembly


19 minutes ago, Adryzz said:

noooo

 

well hopefully he'll get a small sentence

fuck that. full punishment of the law.

🌲🌲🌲

 

 

 

◒ ◒ 


15 hours ago, Kisai said:

Many companies have people with control-issues that will demand access to absolutely everything, and these are the people routinely phished. Go directly for the blowhard who seeks attention in the company, because they crave it.

 

I'm sure Elon probably gets phished a lot.

 

Humans make mistakes, or think they know better.

 

Some have said that all you need is educating your employees; thinking that's all that's needed is quite naive.

 

All you need is for one person to let their guard down, be lazy, be greedy (that group offered $20k for credentials at one point), or think "it's fine" for all the security education to go out the window.

 

I don't remember the details, but I remember a guy in a live TV interview, behind him was his desk with his monitors, and on one of them there was a post-it, on it was the company Twitter login info!!

 

As a sys admin, I can confirm that people do this sort of thing ALL. THE. TIME. regardless of the level of the company.
