The chat happened in the week before active members of the group were arrested last month. During March, the threat group was able to steal the source code for a selection of the company’s products and services. However, T-Mobile insists no customer or government data was compromised during the breach. LAPSUS$ was targeting employees of T-Mobile, taking advantage of their access to the company’s services. This allows SIM swap attacks, which involves reassigning a target mobile number to a device controlled by the group. One of the most interesting things about LAPSUS is how quickly the group arose and how potent it became. It was only first seen in December 2021 and in the early months of 2022 carried out attacks on Vodafone, Samsung, and Nvidia.
LAPSUS Success
Also, Microsoft confirmed the group was behind an attack against Bing, Bing Maps, and Cortana. In March, the other interesting – amazing actually – thing about LAPSUS$ is the group was comprised by a bunch of kids. In March, City of London police arrested teenagers associated with the group, including the leader. Reports point to a disgruntled Lapsus customer who doxed the mastermind behind the group and led to the arrests. In a special report, Krebs on Security said the leader bought the Doxbin sit that allows people to share personal information on other people. However he is said to have been a poor website operator and sold the site in January, but not before releasing the whole Doxbin dataset online. To retaliate, the community doxed him. Tip of the day: Need to reduce picture size of several images, but don’t have the time to edit every one? Microsoft’s PowerToys image resizer can batch-resize your photos with just two clicks.
