FBI adds LAPSUS$ data extortion gang to its “Most Wanted” list • Graham Cluley

The FBI is calling on members of the public to help it uncover members of an increasingly-notorious cybercrime gang.

The LAPSUS $ group, which is thought to consist largely of computer-savvy teenagers, has been behind a wave of attacks that have gained unauthorized access to large tech firms and leaked their data.

Corporate victims have included MicrosoftNVIDIA, Ubisoft, SamsungGlobant, and Okta.

Sign up to our newsletter
Security news, advice, and tips.

Members of the gang have been posting on a publicly-accessible Telegram chat room, bragging about their unauthorized access to the systems of organizations, and then posting links to the data they have stolen.

The most recent victim is international IT and software development firm Globant, which acknowledged it had suffered a security breach after LAPSUS $ first shared the news to its followers.

LAPSUS $ has since shared a link to 73GB of data stolen from Globant, containing customer source code and private keys related to projects for corporate clients.

In its notice the FBI says it is seeking information regarding the identities of the individuals responsible for the breaches, but has not yet offered a monetary reward.

It will be interesting to see whether the FBI or other law enforcement agencies do choose to offer a bounty for information leading to the identification and apprehension of members of LAPSUS $, or whether the group will simply unravel due to its own gobbiness.

If you do have any information, you are invited to contact your local FBI office, or the nearest American Embassy or Consulate.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluleyor drop him an email.

Source

The FBI is calling on members of the public to help it uncover members of an increasingly-notorious cybercrime gang.

The LAPSUS $ group, which is thought to consist largely of computer-savvy teenagers, has been behind a wave of attacks that have gained unauthorized access to large tech firms and leaked their data.

Corporate victims have included MicrosoftNVIDIA, Ubisoft, SamsungGlobant, and Okta.

Sign up to our newsletter
Security news, advice, and tips.

Members of the gang have been posting on a publicly-accessible Telegram chat room, bragging about their unauthorized access to the systems of organizations, and then posting links to the data they have stolen.

The most recent victim is international IT and software development firm Globant, which acknowledged it had suffered a security breach after LAPSUS $ first shared the news to its followers.

LAPSUS $ has since shared a link to 73GB of data stolen from Globant, containing customer source code and private keys related to projects for corporate clients.

In its notice the FBI says it is seeking information regarding the identities of the individuals responsible for the breaches, but has not yet offered a monetary reward.

It will be interesting to see whether the FBI or other law enforcement agencies do choose to offer a bounty for information leading to the identification and apprehension of members of LAPSUS $, or whether the group will simply unravel due to its own gobbiness.

If you do have any information, you are invited to contact your local FBI office, or the nearest American Embassy or Consulate.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluleyor drop him an email.

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

YouAttest collaborates with JumpCloud to give users access reviews for identity governance

YouAttest announced their product integration with JumpCloud - an open directory platform that gives IT, security...

SLACIP: How to Comply with the SOCI ACT Reforms

On March 31, 2022, the Security Legislation Amendment Critical Infrastructure Protection Act 2022, also known as SLACIP, was passed by the Australian Parliament. ...

Microsoft patches the Patch Tuesday patch that broke authentication – Naked Security

Two of the big-news vulnerabilities in this month's Patch Tuesday updates from Microsoft were CVE-2022-26923 and CVE-2022-26931which affected the safety of authentication in Windows. Even...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!