Lapsus$ Hacked Microsoft and Nvidia: Is a Teenager Responsible?

data stolen
A hacker group cracks Microsoft and scares global corporations – behind it is a teenager

03/24/2022, 12:09 p.m

2 min reading time

They grow up with technology and have their first smartphone in kindergarten: today’s young people often understand more about technology before they graduate from school than seasoned academics with twenty years of professional experience. The work of the young talents does not always result in flagship projects such as a useful app – sometimes it seems to be about creating chaos in the digital world of adults.

This is also the case with the “Lapsus$” hacker group, which has been causing problems for global corporations such as Samsung, LG, Nvidia and even Microsoft for some time. Because security researchers who have been commissioned to find the origin of the attacks now want to have a hot lead: A teenager from Oxford, England is said to have coordinated the attacks from his childhood room, and information about accomplices also led to minors.

Berlin project Terravision

They developed a predecessor of Google Earth. Then the fight with the US group began

09/30/2021

Seven attackers, at least two teens

Bloomberg reports that traces of the attacks on the companies are partly due to a connection in Oxford, England, others probably point to at least one perpetrator in Brazil. A total of seven clear attackers who are active for “Lapsus$” could be identified. The researchers came across the alleged heads of the gang through the analysis of forensic evidence and publicly available data, it is said.

According to the report, the youngster from Oxford was particularly impressive with his skills. He was “so fast” and “so talented” that the attacks were initially thought to be automated processes. However, it is often unclear why “Lapsus$” turns the digital world upside down. The group mostly mocks its victims publicly in its Telegram group, making large parts of the loot, often source code and internal documents, freely available.

Unlike ransomware groups like Conti or Cozy Bear, Lapsus§ doesn’t seem to be just about money. Hardware manufacturer Nvidia, for example, was asked to develop open source for all future graphics card drivers in order to prevent software-based performance limitations such as “LHR” in the future. Nvidia had installed the limitation to make graphics cards less interesting for the mining of cryptocurrencies and to get the lack of availability of the products under control.

Motives not always clear

The hackers don’t always write about their motives – it could also be arbitrary and depend on opportunities offered to the group. This is supported by the fact that the Microsoft hack apparently only came about because “Lapsus$” got access to employees who, according to Microsoft, had “limited access” to parts of the source code. The group is believed to be actively searching for such accounts and offering money for them.

+++ Also read: 19-year-old Bayer presents Tesla: “This is how I hacked into cars around the world” +++

As Bloomberg reports, the apparently young hackers don’t seem to have secured themselves ideally. Microsoft confirmed that “Lapsus$” has not sufficiently covered its tracks and is unusually public. This also apparently led to the British teenager’s details, including his address and information about his parents, being leaked by rival gangs.

Bloomberg visited the family at their residence and was able to speak to the boy’s mother, but was not told if the family knew what the son was allegedly doing around the world. According to Bloomberg, there was no conversation with the son, and the mother threatened to call the police after a few minutes.

Most recently, “Lapsus$” wrote in its own Telegram chat that “some members are on vacation until March 30, 2022, there may be silence for a while.” It also says: “We will try to leak more things as soon as possible.”

source: Bloomberg