London police have arrested seven people as part of an investigation into the Lapsus$ hacking group, the BBC reported today.
“Seven people between the ages of 16 and 21 have been arrested in connection with an investigation into a hacking group,” the City of London Police told the BBC in a statement. “They have all been released under investigation. Our inquiries remain ongoing.”
The statement didn’t specify whether the 16-year-old from Oxford, England, who is believed to be the mastermind behind Lapsus$, was among those arrested. Earlier this week, Bloomberg reported that four researchers who have been investigating Lapsus$ believe the teenager is behind the group. The researchers were investigating the group on behalf of companies that were breached by the hackers.
Prominent cybersecurity journalist Brian Krebs on Wednesday published a detailed report about the hacking activities of Lapsus$. The hacking group is said to have emerged last December after launching a cyberattack against Brazil’s Ministry of Health that disrupted several of the ministry’s internal systems. The bulk of the group’s victims are reportedly based in Latin America and Portugal.
In recent weeks, Lapsus$ made headlines by launching cyberattacks against several major tech firms. Microsoft Corp. and Okta Inc., which provides software that enterprises use to manage access to internal applications, are two of the latest companies to have been breached by Lapsus$. The hacking group earlier carried out cyberattacks against Nvidia, Samsung Electronics Co. Ltd, Vodafone Group Plc and other tech firms.
According to Krebs, Lapsus$ used multiple tactics to carry out cyberattacks. In some cases, the group bribed or tricked employees at a company into assisting with a cyberattack. In other cases, the group targeted employees at the company’s partners and suppliers. The data breach at Okta, for example, was carried out using the computer of a support engineer at Okta supplier Sitel Group.
As part of its hacking activities, Lapsus$ reportedly targeted workers’ personal email accounts with the goal of using those accounts to gain access to corporate systems. The hacking group also used a technique known as SIM swapping to target employees’ mobile devices. Additionally, Lapsus$ reportedly deployed password-stealing malware and searched public code repositories for login credentials.
Earlier this week, Microsoft published an analysis of the hacking group’s cyberattacks along with guidelines for how organizations can enhance their security. Microsoft recommends that firms increase employee awareness of social engineering tactics used by hackers, as well as review internal policies for processing password reset requests.