At present, he has not been publicly accused by law enforcement nor has he been publicly named. Researchers, however, suspect him of being behind several high-tier Lapsus$ cyberattacks this year.
Elite Teen Hacker Operates From His Mother’s House
The British teenager, who goes by the online aliases “White” and “breachbase” apparently lives with his mother near Oxford, UK, Bloomberg said. Four researchers investigating cyber attacks on behalf of major companies such as Microsoft Corp. and Nvidia Corp. “believe the teenager is the mastermind” Bloomberg added. Researchers have not been able to “conclusively tie” the individual to every Lapsus$ hack. However, forensic evidence combined with publicly available information has confirmed the teen indeed belongs to the hacking group, Bloomberg wrote. The teenager’s tracks were finally narrowed down by researchers because his personal information was “posted online by rival hackers,” Bloomberg noted. That included his address and information about his parents. Reporters were able to talk to his mother through a “doorbell intercom system,” who was “unaware of the allegations against her son or the leaked materials,” Bloomberg said. Several law enforcement agencies on the case, such as the UK’s Thames Valley Police, the National Crime Agency, and the FBI did not release any public comments.
Seven unique accounts associated with the hacking group
Researchers confirmed seven unique accounts associated with Lapsus$, meaning “that there are likely others involved in the group’s operations,” Bloomberg emphasized.
One of the Lapsus$ members is a teenager living in Brazil
Yet another teenage hacker is confirmed to be part of Lapsus$ and resides in Brazil. The teen’s hacking skills are at such a high level that researchers initially thought they were observing “automated” activity, Bloomberg noted.
About Lapsus$ Group
Lapsus$ group is a new, elite level, high-speed cybercriminal outfit that has been behind several major cyberattacks just in the past few months. Such attacks include the Nvidia ransomware attack, the Microsoft Azure DevOps server breach, and most recently the Okta identification service provider breach. The list doesn’t end there, as Lapsus$ has also breached Portuguese media giant Impresa Group, electronics and industry giant Samsung, Vodaphone, Ubisoft, as well as Brazil’s health ministry in 2021 — when the group first started hacking. Lapsus$’s unshakeable confidence and nonchalant demeanor is very evident. They’re known to outright “join the Zoom calls of companies they’ve breached,” as well as taunt employees in the process. The group, notorious for large-scale extortion against major targets, also do not bother covering their tracks and are actively recruiting “insiders at victimized companies in order to assist in their hacks,” Bloomberg said. “They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees or target organizations,” Bloomberg wrote. Following the group’s latest success with Okta, Lapsus$ has now decided to go on vacation. “A few of our members has a vacation until 30/3/2022. We might be quiet for some times,” the hackers wrote in the Lapsus$ Telegram channel. “Thanks for understand us. – we will try to leak stuff ASAP,” they added.