An interesting twist to the latest Lapsus$ cyber attacks leading researchers to a 16-year-old hacker from England. According to Bloomberg, “a 16-year-old living at his mother’s house near Oxford, England” might be the brains behind the operation, citing four researchers investigating the group. They have also discovered another member of the LAPSUS$ suspected to be a teenager living in Brazil.
According to cybersecurity expert Brian Krebs’ latest report, the teenage hacker who goes by the online alias “White” and “breach base,” may also have a role in the game maker Electronic Arts (EA) incident last July.
He explained, “Back in May 2021, WhiteDoxbin’s Telegram ID was used to create an account on a Telegram-based service for launching distributed denial-of-service (DDoS) attacks, where they introduced themself as ‘@breachbase. News of EA’s hack last year was first posted to the cybercriminal underground by the user ‘Breachbase’ on the English-language hacker community RaidForums, which was recently seized by the FBI.”
Earlier on Wednesday named Sitel as the third party linked to a security incident experienced by the company in late January. This allows the LAPSUS$ extortion gang to remotely take over an internal account belonging to a customer support engineer.
The Lapsus$ hacking group gathered attention after claiming the Okta attack. The group suggested they will take some time off from hacking the world’s biggest companies.
They wrote on their Telegram channel, “A few of our members has a vacation until 30/3/2022. We might be quiet for some timesThanks for understanding us. – we will try to leak stuff ASAP.”
According to cybersecurity researchers, the teen is skilled and fast at hacking, though there is a possibility the activity was automated.
The teenager’s mother said she was unaware of the allegations against her son or leaked material. She was disturbed about the videos and pictures of her home and the teen’s father’s home is included. She accepted the teenager living at the address and was harassed by others, though no other leaked details were confirmed.
New Infinite Loop Bug in OpenSSL May Allow Attackers Crash Remote Servers
More than 200 Malicious NPM Packages Target Azure Developers
Russian Hackers Exploiting MFA and PrintNightmare Bug – Says FBI, CISA