Telegram polls. Unusual demands. The latest extortion gang is on an unorthodox rampage.
What makes Lapsus$ noteworthy, too, is that the group isn't really a ransomware gang. Instead of exfiltrating data, encrypting target systems, and thenunless the victim pays up, Lapsus$ seems to exclusively focus on the data theft and extortion. The group gains access to victims through phishing attacks, then steals the most sensitive data it can find without deploying data-encrypting malware.
Even in those early campaigns, Lapsus$ got creative; it set Localiza's website to redirect to an adult media site for a couple of hours until the company could revert it. Researchers say, though, that the truth about the gang's intentions are more murky. Unlike many of the most, Lapsus$ seems to be more of a loose collective than a disciplined, corporatized operation. “At this point it's difficult to say with certainty what the group’s motivations are,” says Xue Yin Peh, a senior cyber-threat intelligence analyst at the security firm Digital Shadows.
“It's difficult to say. The only source we've had for it is the ransomware group themselves,” says independent security researcher Bill Demirkapi of the claims. “The explanation they gave for how Nvidia hacked back does make sense, but I always take such statements with a grain of salt, because Lapsus$ has an incentive to make Nvidia look as bad as possible.”
“This group operates on street cred and clout,” says Charles Carmakal, senior vice president and chief technical officer of the cybersecurity firm Mandiant. “They're bragging to their friends, and if they get money, they'll take it, but money doesn't seem to be the sole or even primary driver. So a victim company that wants to negotiate with them and may think about paying them likely won’t get the outcome they’re hoping for.
Specific details about the group remain scarce for now. Researchers suspect that Lapsus$ is based in South America, potentially in Brazil, and say it may have a few members in Europe as well, perhaps in Portugal. Lapsus$ doesn't have a homepage on the dark web for posting samples of leaked data and negotiating with victims. Instead, in an unorthodox move for ransomware groups, the gang uses Telegram for most of its public-facing operations.
Canada Latest News, Canada Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Jessica Chastain Wins Yet Another Major Best Actress Prize at Critics Choice Awards 2022This year’s most chaotic Oscars acting race is starting to look settled in favor of the 'Eyes of Tammy Faye' star.
Read more »
Novavax's COVID vaccine rollout in EU off to a slow start -dataDemand for the COVID-19 vaccine produced by U.S. biotech firm Novavax has been underwhelming in the European Union's main countries in the early rollout, so far undermining hopes that it could convince vaccine sceptics to get a shot.
Read more »
Novavax's COVID vaccine rollout in EU off to a slow startDemand for the COVID-19 vaccine produced by U.S. biotech firm Novavax has been underwhelming in the European Union's main countries in the early rollout, so far undermining hopes that it could convince vaccine sceptics to get a shot.
Read more »
How Signing Larry Ogunjobi Impacts Bears' 2022 NFL Draft Plans | The Draft NetworkHere's how signing Larry Ogunjobi affects the Chicago Bears' potential NFLDraft plans. From BryanPerezNFL: FrontOffice33 | DaBears
Read more »
Should You Pay Trade Association Dues For Utility Companies?This article describes how advocacy groups are fighting utility companies, who are allowed to pass off trade association dues to consumers.
Read more »