Earlier this week, Microsoft published a lengthy post detailing the group ‘LAPSUS$' and how it operates following a string of cyberattacks on companies like Nvidia, Samsung and even Microsoft itself. Now, just days later, seven members of the group have been identified and arrested.
The group had stolen and leaked files from several major companies and was ramping up its attacks in recent months. After the attack on Microsoft, the company's own security experts began investigating, finding that the group's first attacks took place in the UK and South America. Microsoft also added that the group does not cover its tracks well, indicating that they would not be too difficult to track down if authorities began looking.
Sure enough, a group of teenagers in the UK have now been arrested in connection to the group. Seven arrests have been made so far, with one member holding a big stash of cryptocurrency too, worth roughly £10 million. Members of the group were aged between 16 and 21.
The group would primarily use social engineering tactics to gain access to accounts and then use those accounts to steal data from corporations and attempt to extort them for money. Given the haul of 300 Bitcoin found, it would seem that some did pay up along the way.
Discuss on our Facebook page, HERE.
KitGuru Says: After Microsoft's lengthy report this week, this seemed like an inevitable outcome. No charges have been filed yet, but the police are continuing to investigate.