A 16-year-old Oxford student has been charged with being one of the leaders of the Lapsus$ cyber-crime organization.
Rival hackers and researchers have identified the teenager, who is said to have accumulated a $14 million (£10.6 million) fortune through hacking.
Police in the City of London say they’ve detained seven teens in connection with the group, but they won’t reveal if he’s one of them.
The boy’s father told the Bazzup that his family was worried about him and that they were attempting to keep him away from his computers.
The teenager, who has autism, is supposed to be behind the prolific Lapsus$ hacking squad, which is said to be based in South America, under the internet alias “White” or “Breachbase.”
After successfully breaking huge corporations such as Microsoft and flaunting about it online, I formed gangs.
The adolescent, who cannot be identified for legal reasons, attends an Oxford special education school.
“Seven people between the ages of 16 and 21 have been arrested in connection with an investigation into a hacking organization,” City of London Police stated. They’ve all been released pending the outcome of the investigation. Our investigations are still ongoing.”
Playing video games online
“I had never heard about any of this until lately,” the boy’s father told the Bazzup. He’s never admitted to hacking, but he’s an expert with computers and spends a lot of time on them. I’ve always assumed he was a prankster.”
“We’re going to make an effort to keep him away from computers.”
Bazzup also reached out to the boy’s mother, who declined to comment.
‘Doxxed’ over the internet
After an apparent falling out with business partners, “White” was outed – or “doxxed” – on a hacker website.
His name, address, and social media images were all divulged by the hackers.
“After a few years, his net worth rose to well over 300BTC [near to $14 million],” they wrote in a chronicle of his hacking career. He’s now a member of the ‘Lapsus$’ want tobe ransomware outfit, which has been extorting and ‘hacking’ various organizations.”
Cyber-security specialists have been tracking “White” for about a year and have linked him to Lapsus$ and other hacking instances, according to Bloomberg.
Allison Nixon, chief research officer of cyber-security investigative firm Unit 221B, said, “We’ve had his name since the middle of last year and we recognized him before the doxxing.”
“After identifying the actor, Unit 221B worked with [cyber-security firm] Palo Alto to monitor his escapades until 2021, frequently informing law enforcement about the latest acts.”
Mrs Nixon claims that researchers followed him through a trail of activity linked to the boy’s online accounts for nearly a year.
“We did it by looking at an account’s post history and discovering that prior posts contained contact information for the guy.”
Mrs Nixon claims that the trail was followed because “White” failed to cover his tracks.
The Lapsus$ gang is a group of people who have a lot of
Because of its high-profile targets and active presence on the messaging app Telegram, the Lapsus$ cyber-extortion organization has garnered prominence in a short period of time. It now has 47,000 subscribers on its YouTube account.
“A handful of our members has a vacation until 30/3/2022,” the group said in a statement broadcast on the channel on Wednesday. We may be deafeningly quiet at times. Thank you for your patience; we will strive to disclose information as soon as possible.”
Lapsus$ has increased in prominence in recent months, according to Chris Morgan of cyber-security firm Digital Shadows, “after targeting multiple corporate technology companies, breaching considerable amounts of data, and posting on their dedicated Telegram data leak channel.”
“Little is known about the group’s origins, but given that Lapsus$’s initial activity was focused at many Brazilian organizations, some experts have assumed that the group is located in South America,” Mr Morgan added.
Microsoft said in a blog post on Wednesday that Lapsus$ had acquired limited access to its system.
Okta, a security firm, acknowledged that it, too, had been hacked by the organization, with ramifications for hundreds of its customers.