SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

UK Charges Alleged Lapsus$ Gang Members With Hacking

The City of London Police on Friday announced that two teenagers were officially charged for their alleged roles in a hacking group that is believed to be the infamous Lapsus$ gang.

The youngsters, aged 16 and 17, were arrested roughly a week ago, along with five other teens supposedly involved in the Lapsus$ attacks.

The City of London Police on Friday announced that two teenagers were officially charged for their alleged roles in a hacking group that is believed to be the infamous Lapsus$ gang.

The youngsters, aged 16 and 17, were arrested roughly a week ago, along with five other teens supposedly involved in the Lapsus$ attacks.

“Both teenagers have been charged with: three counts of unauthorised access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorised access to a computer with intent to hinder access to data. The 16-year-old has also been charged with one count of causing a computer to perform a function to secure unauthorised access to a program,” the City of London Police said on Friday.

The two appeared at Highbury Corner Magistrates Court on Friday and were released on bail, BBC reports.

Given that both defendants are juvenile, UK authorities did not provide any type of information on their identities.

The US Federal Bureau of Investigation (FBI) has announced that it is looking for information regarding the whereabouts of the Lapsus$ group.

[ READ: The Chaos (and Cost) of the Lapsus$ Hacking Carnage ]

Financially motivated, the Lapsus$ gang rose to fame over the past several months, due to its involvement in a number of high-profile cyberattacks.

Advertisement. Scroll to continue reading.

After hacking the networks of target companies, the group steals data deemed of importance – in many cases source code – and then attempts to extort the victim by threatening to leak the information online. Lapsus$ doesn’t employ file-encrypting malware.

The group gains initial access to the victims’ networks by employing social engineering, hacking employee accounts, and using SIM swapping.

The group maintains a Telegram channel where it names and shames victims, and has so far claimed attacks on Globant, Microsoft, Okta, Samsung, Vodafone, Ubisoft and NVIDIA.

Related: IT Giant Globant Confirms Source Code Repository Breach

Related: Microsoft, Okta Confirm Data Breaches Involving Compromised Accounts

Related: Hackers Hit Major Portuguese Media Group, Take Down Websites

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

CIEM Chat: How to Reduce Cloud Identity Risk
March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

Virtual Event: Ransomware Resilience & Recovery Summit
April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Shay Mowlem has been named CMO of runtime and application security company Contrast Security.

Attack detection firm Vectra AI has appointed Jeff Reed to the newly created role of Chief Product Officer.

Shaun Khalfan has joined payments giant PayPal as SVP, CISO.

More People On The Move

Expert Insights

Related Content

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

October 1, 2019
Ransomware Alerts Ransomware Alerts

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

February 2, 2023
Web3 and Metaverse Security Web3 and Metaverse Security

Cybercrime

Cyber Insights 2023 | The Coming of Web3

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

February 6, 2023
Neiman Marcus Says Hackers Breached Customer Accounts

Cybercrime

Neiman Marcus Says Hackers Breached Customer Accounts

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

February 2, 2016
Zendesk Hacked After Employees Fall for Phishing Attack

Cybercrime

Zendesk Hacked After Employees Fall for Phishing Attack

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

January 24, 2023
Russia hackers hit Microsoft Russia hackers hit Microsoft

Cybercrime

Microsoft Warns of Office Zero-Day Attacks, No Patch Available

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

July 11, 2023
ChatGPT attack ChatGPT attack

Artificial Intelligence

Malicious Prompt Engineering With ChatGPT

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

January 25, 2023
Dish Network Dish Network

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

March 1, 2023