The City of London police force has revealed the arrest of seven teenagers in connection with the hacking group Lapsus$, which has successfully breached tech companies including Microsoft, Samsung and Nvidia in recent weeks, the BBC has reported.
The news comes after a 16-year-old boy was accused of being the mastermind behind the group by researchers and other hackers, as first reported by Bloomberg.
Cybersecurity research teams at Unit 221B and Palo Alto have been tracking the individual since the middle of last year, Allison Nixon, Unit 221B’s chief research officer, told the BBC. They had “watched him on his exploits throughout 2021, periodically sending law enforcement a heads-up about the latest crimes”.
Police have not confirmed whether the individual is among the seven arrested today.
Lapsus$ had confused cybersecurity experts with its combination of sophistication and naivety. Although apparently adept at recruiting insiders and stealing credentials, the group is “notoriously brazen about its activities and has previously announced its plans for insiders at specified companies,” Chris Morgan, senior threat intelligence analyst at Digital Shadows, told Tech Monitor yesterday.
This public visibility put the group at risk of arrest, said a security researcher speaking on the condition of anonymity. “They’re not thinking about the consequences that maybe a more experienced cybercrime actor would be wary of,” they said.
This behaviour led researchers to compare Lapsus$ to the hacktivist groups of the 2010s. “Lapsus$ do not necessarily represent a new threat, but a re-emergence of the days of Anonymous and Lulzsec from the mid-2010s, where hacking was used more for notoriety and political statements than financial gain,” said Toby Lewis, global head of threat analysis at Darktrace.
A number of British teenagers were arrested in connection with Lulzsec, whose victims include the PlayStation Network.
Last year, Tech Monitor documented the return of the hacktivists. Experts described a new generation of hackers who had been radicalised by the Black Lives Matter protest movement and who targeted online services connected to the ‘alt-right’.
Since then, the war in Ukraine has attracted a new wave of ‘cyber partisans’, volunteer hackers lending support to either side of the conflict. Earlier today, Anonymous claimed it had hacked the Central Bank of Russia.