In a startling revelation, a report by the U.S. Department of Homeland Security unraveled the mystery behind a series of cyber attacks on global giants, executed by the Lapsus$ hacker group, primarily comprising British and Brazilian teenagers.
Emerging in 2021, Lapsus$ gained notoriety by compromising high-profile firms such as Microsoft, Nvidia, T-Mobile, Samsung, and more. Surprisingly, their cyber exploits were rooted in basic tactics, including SIM Swapping – an art they mastered.
By exploiting weak links in telecom service providers, either through social engineering or with insider help, Lapsus$ members could transfer victims’ phone numbers to SIM cards under their own control. Occasionally, they posed as law enforcement officers, submitting fraudulent emergency disclosure requests to acquire sensitive data about targets. Their primary aim was to intercept SMS-based two-factor authentication codes, granting them access to corporate systems.
Their resources and operations ran deep. The report highlighted their investment in illegal tools, revealing that the group spent up to $20,000 weekly on a rogue telecom operator’s SIM hijacking platform, hinting at their vast financial reserves. While there’s no official record of the group demanding ransoms, whispers in corporate corridors suggest payments were made to the digital marauders.
However, the youthful group’s antics hit a wall when faced with robust security measures. Organizations that used multi-factor authentication via smartphone push notifications, coupled with advanced intrusion detection systems, were better equipped to limit the impact of Lapsus$’s intrusions.
Since September 2022, Lapsus$’s activity has quieted, possibly due to a clampdown by authorities resulting in multiple arrests. Yet their legacy as the brazen, youngest cyber attackers remains.
In the wake of these revelations, cybersecurity experts advise firms to transition to passwordless authentication, discard SMS-based codes, and foster stronger ties with law enforcement to combat and deter future Lapsus$-like threats.