A third-party inquiry jointly initiated by Nvidia, Microsoft, Ubisoft and Samsung has discovered that a recent Lapsus$ ransomware attack on cloud firm Okta was launched by a 16-year-old teenager living in England.

These details were revealed by Bloomberg a couple of hours ago, and the inquiries confirmed that the cyber attack on Okta, in which the source code of a software giant was stolen, was also masterminded by the British teen from his residence, located 5 miles from Oxford University in England.

Digging deeper into the details, the Lapsus$ ransomware group began its activities in December 2021 by stealing data from Brazil’s Ministry of Health and locking down server access until a ransom was paid.

Brazil’s telecom operator Claro was also targeted in the cyber incident, and a ransom ranging in the millions was collected for the decryption key.

Lapsus$ also targeted Impresa, a TV channel and newspaper firm from Portugal, taking control of its website and Twitter account before demanding millions to release access.

Nvidia falling prey to the Lapsus$ ransomware drew the world’s attention to the group, as the firm’s source code and designs of motherboards meant to work on macOS, Windows and Linux OSes were stolen.

Samsung also fell prey to the Lapsus$ gang, with 190GB of sensitive files stolen by the cyber criminals.

This led the tech companies to initiate a forensic investigation through a third party, which found that the Lapsus$ activities were being carried out by a teenager from a computer in England.

Sadly, the teenager’s mother was interrogated by law enforcement about the crime and stated that she wasn’t aware of her son’s involvement in any such cyber incidents.

More details will be updated shortly after confirmation!

NOTE- A couple of days back, Okta confirmed that the Lapsus$ ransomware incident affected over 2.5% of its customers and that the hack took place after hackers somehow got hold of admin credentials from one of its employees in January this year.

 

The post A 16-old teenager suspected behind Lapsus$ ransomware attack appeared first on Cybersecurity Insiders.

What is this AvosLocker thing I’ve heard about? AvosLocker is a ransomware-as-a-service (RaaS) gang that first appeared in mid-2021. It has since become notorious for its attacks targeting critical infrastructure in the United States, including the sectors of financial services, critical manufacturing, and government facilities. In March 2022, the FBI and US Treasury Department issued […]

The post AvosLocker ransomware – what you need to know appeared first on The State of Security.

The Lapsus$ hacking group claims that it has had access to the network of Okta, a company offering cloud-based application security software, since January this year. Reports are in that the criminal group, which spreads file-encrypting malware, has stolen some critical data from the servers to prove its claims.

The disclosure came when a security engineer named Bill Demirkapi, working for Zoom, revealed the details on Telegram in the evening hours of Monday.

Some screenshots proving the data-stealing claims of the Lapsus$ group were also revealed on Telegram by Demirkapi, who added that the malware-spreading gang had super-access to the entire corporate network. That was confirmed by Lapsus$ after it pasted some screenshots related to Okta’s internal Slack and Jira instances on its official Telegram channel.

A certain section of the media is speculating that the data breach could have put all 15k of Okta’s customers at extreme risk, including the company’s premium customers such as Peloton, Cloudflare, Grubhub, T-Mobile, FCC, and Sonos.

On the other hand, Chris Hollis, the official spokesperson of Okta, downplayed the speculation in the media and confirmed that there is no firm evidence to prove the ransomware incident.

The South American Lapsus$ hacking group claims that it has stolen source code related to Bing, Cortana, and some other internal Microsoft projects, and that the haul includes 37GB of extra stolen source code belonging to 250 other companies... oops, that’s massive!

Note- Since the beginning of this year, Lapsus$ ransomware has targeted servers of big companies like NVIDIA, Ubisoft, and Samsung.

 

The post Lapsus$ Ransomware attack on Okta leads to a data breach appeared first on Cybersecurity Insiders.