Connect with us

Hi, what are you looking for?

News

Uber, Microsoft, others attacked by Lapsus$ hackers

Uber, Microsoft, others attacked by Lapsus$ hackers
FILE

Cybercrime is becoming a threat to tech companies globally and one of the most talked about and feared hacker cyber-crime gangs, Lapsus$, has its eyes on major firms like Microsoft.

Reportedly led and run by some group of teenagers, Lapsus$ hacking group has continued to threaten the security of big tech companies despite some of the group members allegedly arrested in March 2022.

According to The CyberWire, the group’s tactics differ from other threat groups’ in that Lapsus$ “eschews the typical exfiltrate-encrypt-extort playbook, instead concentrating on the data theft and extortion, and the gang has a flair for the dramatic in its demands.

Its recent victim was global ride-hailing platform Uber whose internal computers were compromised, leading to the closure of the firm’s internal operations.

In a statement on Monday, Uber accused Lapsus$ of the hack, adding that the group hacker downloaded some internal Slack messages as well as information from an internal tool used by the company’s finance team to manage invoices.

Apart from Uber and Microsoft, Lapsus$ which emerged in December 2021 and its hacker crew which is believed to be based in South America have attacked firms like Samsung, amongst others.

See the list of companies attacked by Lapsus$ below:

  1. Globant: Digital transformation developer Globant confirmed that Lapsus$ had stolen source code developed for its clients. Source: SC Media, March 30, 2022.
  2. Microsoft Azure: Lapsus$ claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft’s internal Azure DevOps server. Microsoft later confirmed a hack by Lapsus$. Sources: BleepingComputer and Microsoft, March 22, 2022.
  3. Nvidia: A cyberattack targeting Nvidia allegedly involved the Lapsus$ ransomware gang. Attackers have since leaked some Nvidia company information online, but the cyberattack did not impact the company’s operations and there’s no evidence that ransomware was deployed on Nvidia’s network, the chip maker has stated. Source: MSSP Alert, March 1, 2022.
  4. Okta: The identity and access management (IAM) software company is investigating an alleged data breach that may have been launched by Lapsus$. In a tweet, Okta CEO Todd McKinnon said there was no evidence of malicious activity beyond some activity detected in January 2022. Still, some observers expressed concern that Okta partners and customers could potentially suffer from a supply chain attack. Source: MSSP Alert, March 22, 2022.
  5. Samsung: The mobile device giant confirmed a rumoured data breach in which hackers stole some Galaxy device source code. Still, Samsung stopped short of blaming the alleged culprit — Lapsus$ — for the breach. Source: MSSP Alert, March 7, 2022.
  6. T-Mobile: Lapsus$ breached T-Mobile multiple times in March 2022, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. Source: KrebsOnSecurity, April 22, 2022.

 

Click to comment

Leave a Reply

Your email address will not be published.

You May Also Like

Cryptocurrency

A former Chairman of First Bank of Nigeria Limited, Ibukun Awosika, has been appointed on the advisory board of cryptocurrency giant, Binance. According to...

News

Joy Onuorah Automobile company, Mercedes-Benz has recalled 161,000 SUV models due to a hazardous fault in the construction of its window trim bars. Models...

News

A leading Pan-African communications consultancy and press release distribution service, APO media group, said it’s giving qualified journalists an all-expense paid trip to the...

News

United Kingdom regulator, Ofcom said it will begin probing cloud providers, Amazon.com Inc’s AWS, Microsoft Corp’s Azure, and Alphabet Inc.’s Google Cloud. According to...

Advertisement