LONDON/WASHINGTON: Police in the UK have arrested seven people following a series of hackings by the Lapsus$ hacking group. Okta Inc. And MicrosoftCity of London Police gave this information on Thursday.
San Francisco-based Okta, whose authentication services are used by some of the world’s biggest companies to provide access to its networks, said Tuesday that it was hit by hackers and that some customers may be affected.
“The City of London Police is conducting an investigation into members of a hacking group with their associates,” Detective Inspector Michael “Sullivan” said in an emailed statement in response to a question about the Lapsus$ hacking group.
Read also: Microsoft Confirms Hacker Group Stealing Lapsu$ Source Code, Gets Limited Access
The ransom-seeking gang posted a series of screenshots of Okta’s internal communications on its Telegram channel late Monday.
“Seven people aged between 16 and 21 have been arrested in connection with this investigation, and all have been released after an investigation,” Sullivan said.
Okta’s shares were down nearly 11 percent on news of the digital breach amid criticism of the digital authentication firm’s slow response to the intrusion.
On Thursday, Okta’s shares were trading with a decline of 4.8 per cent.
City of London Police did not directly name Lapsus$ in their statement. A spokesman said none of the seven people arrested have been formally charged, pending an investigation.
Read also: Apple will buy the first large batch of carbon-free aluminum for the iPhone SE
WHO ARE LAPSUS$?
Last month, Lapsus$ leaked proprietary information about US chipmaker Nvidia Corp. to the Web.
Most recently the group claimed to have leaked source code from several large tech firms, including Microsoft, which confirmed on Tuesday that one of its accounts was compromised.
Lapsus$ has not responded to repeated requests for comment on its Telegram channel and by email.
A teenager living near Oxford, England, is suspected to be behind some of the more notable attacks, Bloomberg News reported on Wednesday.
When reached by phone, the teenager’s father – who could not be named as he is a minor – declined to comment. According to three people familiar with the matter, Reuters confirmed that cybersecurity researchers investigating Lapsus$ believe the teenager was involved in the group.
In a blog post on Thursday, Unit 42, a research team at Palo Alto Networks, described Lapsus$ as an “assault group” motivated by notoriety rather than financial gain.
Unlike other groups, they do not rely on the deployment of ransomware – malicious software to encrypt their victims’ networks, a hallmark of digital extortionists – and instead manually sabotage their targets’ networks. Huh.
With Unit 221B, a separate security consultancy, Palo Alto researchers said they had identified the “primary actor” behind Lapsus$ in 2021 and were “assisting law enforcement in their efforts to prosecute this group”. .
“The teen we identified as being in control of Lapsus$ is particularly helpful,” Alison Nixon, chief research officer for Unit 221B, told Reuters.
“He must possess other members not only for his leadership role, but for critical intelligence”.
read all breaking news , today’s fresh news And Ukraine-Russia War Live Updates Here.