Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

UK Charges Alleged Lapsus$ Gang Members With Hacking

The City of London Police on Friday announced that two teenagers were officially charged for their alleged roles in a hacking group that is believed to be the infamous Lapsus$ gang.

The youngsters, aged 16 and 17, were arrested roughly a week ago, along with five other teens supposedly involved in the Lapsus$ attacks.

The City of London Police on Friday announced that two teenagers were officially charged for their alleged roles in a hacking group that is believed to be the infamous Lapsus$ gang.

The youngsters, aged 16 and 17, were arrested roughly a week ago, along with five other teens supposedly involved in the Lapsus$ attacks.

“Both teenagers have been charged with: three counts of unauthorised access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorised access to a computer with intent to hinder access to data. The 16-year-old has also been charged with one count of causing a computer to perform a function to secure unauthorised access to a program,” the City of London Police said on Friday.

The two appeared at Highbury Corner Magistrates Court on Friday and were released on bail, BBC reports.

Given that both defendants are juvenile, UK authorities did not provide any type of information on their identities.

The US Federal Bureau of Investigation (FBI) has announced that it is looking for information regarding the whereabouts of the Lapsus$ group.

[ READ: The Chaos (and Cost) of the Lapsus$ Hacking Carnage ]

Financially motivated, the Lapsus$ gang rose to fame over the past several months, due to its involvement in a number of high-profile cyberattacks.

After hacking the networks of target companies, the group steals data deemed of importance – in many cases source code – and then attempts to extort the victim by threatening to leak the information online. Lapsus$ doesn’t employ file-encrypting malware.

The group gains initial access to the victims’ networks by employing social engineering, hacking employee accounts, and using SIM swapping.

The group maintains a Telegram channel where it names and shames victims, and has so far claimed attacks on Globant, Microsoft, Okta, Samsung, Vodafone, Ubisoft and NVIDIA.

Related: IT Giant Globant Confirms Source Code Repository Breach

Related: Microsoft, Okta Confirm Data Breaches Involving Compromised Accounts

Related: Hackers Hit Major Portuguese Media Group, Take Down Websites

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.