London Police Charged Two Teenagers That Are Members of the Hacking Group Lapsus$

Sophie Webster, Tech Times 01 April 2022, 12:04 pm

The London police charged two teenagers over hacking for the notorious cybercrime group Lapsus$. The two teenagers, ages 16 and 17, are expected to appear at Highbury Corner Magistrates' Court on Apr. 1.

London Police Arrests Lapsus$ Members

The two teenagers, who remain unnamed due to their age, have been charged with multiple cyber-offenses, and they remain in police custody, according to BBC.

The teenagers were arrested as part of an international police investigation into the Lapsus$ gang, which is new but has done much damage.

The hacking group was able to breach major firms such as Microsoft, Nvidia, Samsung, and Okta, and proceeded to brag about it online. Last week, the FBI launched an appeal for information about the people behind the hacking group.

According to Det. Insp. Michael O'Sullivan from the City of London Police, both boys, have been charged with three counts of unauthorized access to a computer with intent to impair the reliability of data, one count of fraud because of false representation, and one count of unauthorized access to a computer with intent to hinder access to data.

The 16-year-old boy has been charged with one count of causing a computer to perform a function to secure unauthorized access to a program.

Last week, the authorities announced that they had arrested seven people between the ages of 16 and 21 around the United Kingdom as part of their investigation into Lapsus$.

Around the same time as the news of the arrests was revealed, Lapsus$ told its 45,000 followers on Telegram that some of its members were taking a short break, according to Wired.

Lapsus$ Target Globant

On Mar. 30, they began posting again, releasing stolen material from a software development company that is based in Argentina called Globant.

Globant was founded in 2003 and is currently based in Luxembourg. Lapsus$ claimed that the group stole up to 70GB of customer data, according to Computer Weekly.

According to the reports, the leak includes the credentials used by the company's admins to access different development platforms, including Jira, GitHub, and Confluence.

The dump also includes the source code folders connected to multiple Globant customers, although the data's veracity is yet to be determined.

Also Read: Microsoft Confirms LAPSUS$ Hack After Extortion Group Releases Stolen 37GB Source Code

Globant's spokesperson said they have recently detected that a limited section of their company's code repository has been subjected to unauthorized access. The company has activated their security protocols, and they are now conducting an investigation.

According to their current analysis, the spokesperson added that the information that was accessed was limited to certain source code and project-related documentation for a very limited number of clients.

Globant has not found any evidence that other areas of their infrastructure systems or clients were affected. They are taking strict measures to prevent further incidents.

Lapsus$ is described as a new generation of the threat actor, both ambitious and chaotic. The hacking group has also been described as reckless when organizing its hacks.