Meet Lapsus$ the alleged hackers behind the Uber breach
Meet Lapsus$ the alleged hackers behind the Uber breach
Sections
Axios Local
Axios gets you smarter faster with news & information that matters
About
Subscribe
Meet Lapsus$ the alleged hackers behind the Uber breach
, author of Illustration: Aïda Amer/Axios The data-extortion group outed earlier this year as a group of teenagers seems to be making a comeback. Driving the news: Uber that it believes last week's is affiliated with the Lapsus$ hacking group. Uber said the hacker purchased a contractor's leaked credentials from the dark web and then spammed the contractor with two-factor authentication requests on their phone until they accepted one. This tactic is a staple of the Lapsus$ group's work, . The group's goal is to use stolen login credentials to steal company data — especially source code — and impose demands on the victim to stop the group from leaking stolen info. The big picture: Lapsus$ has been relatively quiet since receiving law enforcement attention in March. London police believed to be connected to Lapsus$ hacks, including those targeting Microsoft, Nvidia, Okta, Samsung and . Following the March arrests, the group posted in a Telegram channel that it was going on vacation. The intrigue: Uber acknowledged the hacker has also claimed responsibility for a data breach . The intruder posted 90 videos of footage from the upcoming Grand Theft Auto VI. Catch up quick: Before prosecutors deduced that teenagers are behind Lapsus$, many researchers believed they were actually an up-and-coming Brazilian ransomware gang. The gang's on Portuguese-language organizations — including Brazil's health ministry and South American telcos Claro and Embratel — . What they're saying: "The incident had a Lapsus$ feel to it, so it’s not surprising that Uber is pointing a finger at the group," says Brett Callow, a threat analyst at Emsisoft, noting that the group pursues attacks that will bring it attention. "That’s why Lapsus$ creates a significant challenge for defenders: Financially motivated cyber criminals are predictable, whereas (partly) ego-motivated criminals are not — and that means companies' playbooks may be of little help," Callow adds. Sign up for Axios’ cybersecurity newsletter Codebook .