Lapsus hacker turns out be British teen involved in high-end ransomware

This may come as a surprise to some, but the hacker behind the Lapsus ransomware has been identified as a British teenager.

The 17-year-old is said to have been involved in several other high-profile attacks, including one on a NHS hospital in Lancashire.

Investigators believe that he was part of a larger group of hackers who have been targeting businesses and organizations with ransomware for financial gain.

This news comes as a shock to many, as the Lapsus ransomware was one of the most sophisticated strains seen in recent years.

However, it is clear that the young hacker has talent and knows how to exploit vulnerabilities in systems.

This story is sure to generate a lot of interest, and it will be interesting to see how the teenager responds to the allegations.

https://twitter.com/GossiTheDog/status/1509015764589813761

Last week, the UK police detained and released a group of people between the ages of 16 and 21 that the reporters suspected of the Lapsus extortion gang.

Perhaps the Lapsus ransomware gang weren’t as deeply involved as they thought, because this week a Brazilian IT company named Globant was under attack and said they were hit by Lapsus hackers.

Moreover, the company said a limited number of source codes and project-related client databases have been accessed.

More malware-prone software was found in the source-code library. Another warning to the developers is that the code needs to be scanned before they put it into their projects. 

Despite a series of arrests from UK authorities LAPSUS$ extortion group continues operations.

LAPSUS$ has leaked 70GB of material from @Globant, a large software development company based in Luxembourg

Intel and photos courtesy of @AlvieriD pic.twitter.com/We9Jcm57iE

— vx-underground (@vxunderground) March 30, 2022

Police in a number of countries arrested more than 65 people including residents in Canada, Nigeria, and other regions as part of a business email compromise scam.

Generally, these scams involve convincing employees to send money to, what they think are, illegitimate bank accounts. The scammers do that by cracking emails and telling the company that a customer is changing banks. 

And if you think ransomware attacks on customer relationship management aren’t expensive, then you might be surprised to know that a CRM company called Atento said a ransomware attack cost them $42 million—and $7 million were spent alone on repairing IT systems. 

Celebrating the World Backup Day

The importance of backup strategies because of the World Backup day that happened a few days ago. Data theft has been with us since the internet changed the world.

However, due to human error and weak authentication, some companies are not getting the data backup right. If you are working at a company and not testing a backup is like having no backup at all. 

The question is can hackers get into the system and wipe out entire data? The internal backups? Just like it’s happening in Ukraine with the Viper malware.

That’s why it’s important for companies to have a rock-solid backup strategy and rigorous customer relationship management strategies. 

Because it’s #WorldBackupDay today. By @nixcraft pic.twitter.com/zzbyee7t9n

— John Opdenakker (@j_opdenakker) March 31, 2022

Most companies use a 3-2-1 backup strategy to protect data from hackers, ransomware attackers, threat actors, or data harvesters.

The 3-2-1 backup strategy means you need three copies of your data, no matter how big or small it is. Out of these three copies, you can store one copy offline to prevent data theft, ransomware attack, or damage.

Further, your backups can be on different mediums, one can be on a hard drive and the other one on a solid state drive or the cloud for example. 

Moreover, you can store data as an incremental backup that includes data that’s changed in the previous backup. But a differential backup involves all the backup that helps you recover faster. Also, your data shouldn’t be linked to the main server. 

Web Hosting Canada is a company that lost some data and some customers complained about unauthorized access to their backed up data. You have to regularly follow the zero-trust model, verify the integrity of your backup data, and you must have your IT data checked. 

In addition to stealing company’s secrets, motives of a ransomware gang can change. We have seen that during the Ukraine vs Russia war, a slew of DDoS attacks against Ukrainian government websites. 

There are technologies and experts that can give you a holistic opinion on your company’s networks. Data theft and damage to company’s property can cripple your company. Furthermore, law enforcement agencies need to beef up their cybersecurity systems that monitor their email accounts. 

Hackers are now trying to penetrate systems of legitimate companies and sending out malicious links. But if you received an email from a trustworthy company, you are likely going to click on that. This is how you become a victim of a cyberattack.

In conclusion, you have to be vigilant about your data, educate employees about phishing emails, and run penetration testing on all communication systems.