230:. The Ministry of Health website was taken down on Friday, 10 December around 1 AM. Lapsus$ left a message, "Contact us if you want your data back", along with their Telegram and e-mail addresses on the homepage of the website of the ministry after exfiltrating and deleting 50 TB of data on internal servers. By Friday afternoon the message had been removed, but the website and user data in the "ConecteSUS" app, which provides Brazilians with COVID vaccination certificates, remained unavailable, causing disruption for travelers.
209:, with subsequent arrests again by City of London Police, and Brazilian police. The group appears to have become inactive after September 2022, with members perhaps dispersing to other groups, and the conviction of two British members. One of the group's founding members, Arion Kurtaj, was given an order to indefinitely remain in a secure
496:
were reported to have identified him. The prominent member was charged alongside a 17-year-old on 1 April 2022. He was assessed by psychiatrists as unfit to stand trial, but a 7-week court case proceeded until August 2023, and resulted in both the 17-year old and the prominent member being convicted.
200:
announced that it had made seven arrests in connection to a police investigation into Lapsus$ . Although the group had been considered inactive by April 2022, the group is believed to have re-emerged in
September 2022 with a series of data breaches against various large companies through a similar
242:
through the compromised account of a third-party customer support engineer. Okta confirmed the breach on 25 January 2022. Based on the final forensic report, Okta's Chief
Security Officer David Bradbury said the attack only impacted two active customers. Okta began investigating claims of a hack
512:
and subsequently accused of the attacks on the Brazil
Ministry of Health and other cybercrimes after "Operation Dark Cloud". Lapsus$ also targeted dozens of other organizations and entities from the Brazilian Federal Government, including the Ministry of Economy, the Comptroller General of the
263:
became aware of a breach into its systems. Lapsus$ claimed to have a terabyte of data from Nvidia, and threatened to release the "complete silicon, graphics, and computer chipset files for all recent NVIDIA GPUs, including the RTX 3090Ti and upcoming revisions" if Nvidia didn't open-source its
536:
or network access to obtain sensitive data, such as customer account details or source code. The group then extorted the victim organisation with threats of disclosing the data. In the conspicuous cases, the data was then subsequently released, and information posted on
Telegram.
527:
was based on obtaining access to a victim organisation's corporate network by acquiring credentials from privileged employees. These credentials were acquired in a number of ways, including recruitment or hacking privileged employees using methods such as
449:, and the Lapsus$ Telegram channel was used to announce data dumps and to recruit accomplices. As of March 2022, it has nearly 50,000 subscribers. The group posted polls as to which organisation the group should target next.
415:. The hacker is thought to have been affiliated with Lapsus$ . On 25 December 2023, additional content obtained from the breach a year prior was reported to have been leaked, including game files for the planned follow-up to
169:, and targeting suppliers. Once the group has gained the credentials to a privileged employee within the target organisation, the group then attempts to obtain sensitive data through a variety of means, including using
2050:
243:
after Lapsus$ shared screenshots in a
Telegram channel implying they had breached Okta's customer networks. Initially, Okta said that a Lapsus$ hacker obtained Remote Desktop (
1446:
1317:
1239:
571:
1984:
1904:
1828:
657:
631:
2425:
1568:
1874:
1754:
150:
against companies and government agencies. The group was active in several countries, and has had its members arrested in Brazil and the UK in 2022. According to
1214:
1935:
2085:
1696:
1280:
2040:
1869:
1854:
877:
545:
162:
2030:
1001:
700:
2035:
1480:
1418:
1644:
785:
1859:
1027:
975:
1162:
1818:
1594:
812:
726:
2246:
1864:
333:
328:. A prominent member of Lapsus$ going by the pseudonym "White" unsuccessfully attempted to gain access to the T-Mobile accounts of the
1950:
1780:
1747:
1454:
597:
1303:
184:'s computer systems in December 2021. Lapsus$ gained notoriety for a series of cyberattacks against large tech companies, including
2296:
956:
359:
channel. The following day, the group released a 37 GB zip file containing, among other things, "90% of the source code for the
2060:
329:
300:
confirmed that user data for 300,000 customers had been accessed by Lapsus$ ; the group also claimed to have access to 24,000
1813:
904:
1384:
1132:
1619:
1079:
1960:
1775:
1740:
541:
422:
158:
1105:
2142:
1945:
1884:
757:
484:
in connection to a police investigation into Lapsus$ . Arion Kurtaj, a prominent member of the group with the pseudonym
301:
2009:
227:
181:
177:
had been used for communications to the public, including recruitment and posting sensitive data from their victims.
2132:
2004:
1889:
1879:
1053:
2241:
1925:
552:
325:
2080:
1266:
1366:
1054:"Ubisoft says it experienced a 'cyber security incident', and the purported Nvidia hackers are taking credit"
2187:
2122:
1994:
244:
689:
2420:
2308:
2192:
1909:
324:
On 17 March 2022, Lapsus$ had gained access to an employee account within the telecommunications company
316:
confirmed that it had experienced a "cyber security incident", although user data had not been accessed.
238:
On 21 January 2022, Lapsus$ had gained access into the servers of identity and access management company
1571:[Federal Police arrests Brazilian suspected of integrating international criminal organization],
1188:
2284:
2102:
1930:
1894:
1308:
504:
On
October 19, 2022, a Brazilian citizen believed to be a Lapsus$ member was arrested by the police in
481:
197:
151:
1838:
498:
434:
210:
1670:
1447:"16-year-old living with his mom is mastermind behind Lapsus$ Microsoft hack, cyber detectives say"
2430:
2392:
1965:
1899:
1833:
446:
407:
400:
356:
174:
1506:
2371:
2152:
1823:
417:
464:
According to the indictment, the group's mastermind was Arion Kurtaj, a 16-year-old residing in
493:
2225:
2220:
2107:
2025:
1989:
1727:
2117:
2045:
505:
336:. Lapsus$ was, however, able to obtain the source code repositories belonging to T-Mobile.
930:
2314:
2147:
2092:
1999:
349:
268:. On 3 March 2022 the credentials for Nvidia's over 71,000 employees emerged online.
878:"Brazilian Ministry of Health suffers cyberattack and COVID-19 vaccination data vanishes"
2266:
2137:
572:"DEV-0537 criminal actor targeting organizations for data exfiltration and destruction"
533:
523:
469:
360:
285:
206:
170:
2414:
2387:
2230:
2202:
1313:
297:
265:
75:
2197:
2097:
2055:
658:"Samsung Confirms Massive Galaxy Hack After 190GB Data Torrent Shared Via Telegram"
277:
166:
143:
79:
1550:
1524:
1392:
931:"Leaked Details of the Lapsus$ Hack Make Okta's Slow Response Look More Bizarre"
858:
829:
2272:
1940:
430:
147:
1569:"PF prende brasileiro suspeito de integrar organização criminosa internacional"
1340:
632:"Cybercriminals who breached Nvidia issue one of the most unusual demands ever"
472:
report stated that the group has seven members and was likely formed recently.
2260:
2177:
2167:
1276:
372:
239:
46:
690:"Review of the attacks associated with Lapsus$ and associated threat groups"
513:
Union, and the
Federal Highway Police. The data appears permanently deleted.
2326:
2278:
2112:
1808:
1723:
1133:"Microsoft confirms Lapsus$ hackers stole source code via 'limited' access"
605:
488:
was arrested in Oxford, England. His identity had allegedly previously been
345:
185:
139:
131:
83:
1620:"Lapsus$ Ransomware Group is hiring, it announced recruitment of insiders"
480:
On 24 March 2022, seven people aged between 16 and 21 were arrested by the
1481:"Teen hacked Uber, Revolut and Grand Theft Auto maker, London court hears"
1215:"IT giant Globant discloses hack after Lapsus$ leaks 70GB of stolen data"
786:"Brazil health ministry website hit by hackers, vaccination data targeted"
2355:
2302:
2290:
2254:
1955:
1525:"Lapsus$ : Oxford teen accused of being multi-millionaire cyber-criminal"
529:
344:
On 20 March 2022, Lapsus$ posted a screenshot of the technology company
813:"Seven teenagers arrested in connection with the Lapsus$ hacking group"
2350:
2320:
2172:
2157:
1732:
1697:"How fame-seeking teenagers hacked some of the world's biggest targets"
489:
376:
313:
281:
226:
The first known cyberattack committed by Lapsus$ was against Brazil's
193:
957:"Nvidia says its 'proprietary information' is being leaked by hackers"
2212:
2127:
465:
352:
260:
189:
87:
1645:"MFA Fatigue: Hackers' new favorite tactic in high-profile breaches"
551:
The methods used by Lapsus$ were the subject of a review by the US
492:
by a former associate, and various groups including research group
180:
The first major cyberattack attributed to Lapsus$ was against the
2182:
1419:"Teen Suspected by Cyber Researchers of Being Lapsus$ Mastermind"
1271:
882:
509:
468:, England, with another core member being a teenager in Brazil. A
173:
tools. Attempts at extortion follow. Initially, the messaging app
1028:"E-commerce giant Mercado Libre confirms source code data breach"
976:"NVIDIA data breach exposed credentials of over 71,000 employees"
1441:
1439:
727:"The FCC says new rules will curb SIM swapping. I'm pessimistic"
388:
202:
1736:
1341:"Rumor: GTA 5 Source Code and Other Rockstar Files Leak Online"
1163:"Lapsus$ hackers leak 37GB of Microsoft's alleged source code"
1131:
Clark, Mitchell; Lawler, Richard; Peters, Jay (22 March 2022).
288:
line of phones. Samsung confirmed the breach three days later.
1595:"Brazil arrests suspect believed to be a Lapsus$ gang member"
1507:"Lapsus$ gang sends a worrying message to would-be criminals"
1189:"'This Is Really, Really Bad': Lapsus$ Gang Claims Okta Hack"
453:
1304:"Uber 'in contact with the FBI' over potential GTA 6 hacker"
497:
Kurtaj received an order to indefinitely remain in a secure
405:
On 18 September 2022, 90 videos of game footage relating to
1106:"Microsoft Investigating Claim of Breach by Extortion Gang"
830:"Lapsus$ : Court finds teenagers carried out hacking spree"
1551:"Lapsus$ : Two UK teenagers charged with hacking for gang"
433:
to Grand Theft Auto V, which included hints about planned
1240:"Uber says Lapsus$ -linked hacker responsible for breach"
859:"Lapsus$ : GTA 6 hacker handed indefinite hospital order"
1080:"Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code"
1367:"The Lapsus$ Hacking Group Is Off to a Chaotic Start"
1002:"Is Lapsus$ targeting Big Tech after Samsung breach?"
905:"Okta hack puts thousands of businesses on high alert"
1267:"Uber Blames Recent Breach on LAPSUS$ Hacking Group"
379:
confirmed its network had been breached by Lapsus$ .
157:
Lapsus$ uses a variety of attack vectors, including
1417:
Turton, William; Robertson, Jordan (23 March 2022).
758:"A Closer Look at the LAPSUS$ Data Extortion Group"
247:) access to a Sitel support engineer's laptop over "
2380:
2364:
2343:
2336:
2239:
2211:
2073:
2018:
1977:
1918:
1847:
1801:
1794:
113:
103:
93:
71:
61:
53:
42:
34:
26:
1985:Munster Technological University ransomware attack
456:made an appeal for information on 21 March 2022.
391:announced that it had been breached by Lapsus$ .
280:to internal data belonging to phone manufacturer
1412:
1410:
296:On 8 March 2022, Argentinian e-commerce company
1875:Waikato District Health Board ransomware attack
780:
778:
82:, recruitment of accomplices via social media,
401:Grand Theft Auto VI § September 2022 leak
1936:Anonymous and the Russian invasion of Ukraine
1748:
154:at least two of the members were teenagers.
8:
1905:National Rifle Association ransomware attack
1829:United States federal government data breach
1156:
1154:
21:
699:. US Government Cyber Safety Review Board.
2340:
1870:Health Service Executive ransomware attack
1798:
1755:
1741:
1733:
1575:(in Brazilian Portuguese), 19 October 2022
546:multi-factor authentication fatigue attack
276:On 4 March 2022, Lapsus$ posted a 190 GB
20:
625:
623:
221:
824:
822:
684:
682:
680:
678:
259:On 23 February 2022, technology company
2426:Internet properties established in 2021
1860:Ivanti Pulse Connect Secure data breach
751:
749:
747:
563:
1339:Armughanuddin, Md (25 December 2023).
1320:from the original on 19 September 2022
1283:from the original on 19 September 2022
2041:Ukrainian cyberattacks against Russia
1819:European Medicines Agency data breach
1669:Whittaker, Zack (19 September 2022).
1618:Paganini, Pierluigi (11 March 2022).
1474:
1472:
853:
851:
251:" between January 16 and January 21.
7:
1671:"How do you stop another Uber hack?"
1302:Robinson, Andy (19 September 2022).
2036:Change Healthcare ransomware attack
1865:Colonial Pipeline ransomware attack
876:Mari, Angelica (10 December 2021),
706:from the original on 10 August 2023
334:United States Department of Defense
284:, including the source code of its
1593:Gatlan, Sergiu (19 October 2022),
1365:Newman, Lily Hay (15 March 2022).
1265:Kan, Michael (20 September 2022).
1187:Newman, Lily Hay (22 March 2022).
929:Newman, Lily Hay (28 March 2022).
222:Brazil's Ministry of Health (2021)
14:
445:The group used the messaging app
312:On 10 March 2022, gaming company
1855:Microsoft Exchange Server breach
1000:Glover, Claudia (7 March 2022).
955:Clark, Mitchell (1 March 2022).
725:Goodin, Dan (18 November 2023).
2061:IRLeaks attack on Iranian banks
1391:. 21 March 2022. Archived from
974:Gatlan, Sergiu (3 March 2022).
330:Federal Bureau of Investigation
196:. Following these attacks, the
1695:Goodin, Dan (11 August 2023).
1078:Krebs, Brian (22 April 2022).
756:Krebs, Brian (23 March 2022).
656:Winder, Davey (8 March 2022).
1:
2056:Fur Affinity domain hijacking
1961:Shanghai police database leak
1951:Costa Rican ransomware attack
1213:Goodin, Dan (30 March 2022).
1104:Cox, Joseph (21 March 2022).
1052:Peters, Jay (11 March 2022).
903:Porter, Jon (22 March 2022).
811:Peters, Jay (24 March 2022).
1885:Kaseya VSA ransomware attack
1505:Burt, Jeff (17 March 2022).
630:Goodin, Dan (4 March 2022).
304:belonging to Mercado Libre.
2010:British Library cyberattack
2000:Insomniac Games data breach
1479:Tobin, Sam (11 July 2023).
598:"Defending against attacks"
395:Rockstar Games (2022, 2023)
2449:
2005:Polish railway cyberattack
1890:Transnet ransomware attack
1880:JBS S.A. ransomware attack
398:
16:International hacker group
1814:Twitter account hijacking
1768:
553:Cyber Safety Review Board
201:attack vector, including
182:Brazilian Health Ministry
608:Security. 22 August 2022
1946:DDoS attacks on Romania
1385:"Most Wanted: LAPSUS$ "
576:Microsoft Security Blog
476:Arrests and convictions
99:7 (March 2022 estimate)
540:Lapsus$ has used the
437:content for the game.
387:On 15 September 2022,
146:known for its various
138:, is an international
2285:Account pre-hijacking
2031:Kadokawa and Niconico
1931:Red Cross data breach
1309:Video Games Chronicle
548:in its hack of Uber.
532:. Lapsus$ then used
482:City of London Police
198:City of London Police
152:City of London Police
1956:LastPass vault theft
1926:Ukraine cyberattacks
1839:Vastaamo data breach
1763:Hacking in the 2020s
521:The group's assumed
499:psychiatric facility
292:Mercado Libre (2022)
211:psychiatric facility
2051:Trump campaign hack
1967:Grand Theft Auto VI
1834:EasyJet data breach
1511:www.theregister.com
1246:. 17 September 2023
865:. 21 December 2023.
427:Grand Theft Auto VI
408:Grand Theft Auto VI
23:
2153:IT Army of Ukraine
1995:MOVEit data breach
1824:Nintendo data leak
1785:2030s →
1161:Abrams, Lawrence.
792:. 11 December 2021
544:tactic known as a
542:social engineering
375:-based IT company
371:On 30 March 2022,
228:Ministry of Health
159:social engineering
136:Strawberry Tempest
130:and classified by
105:Official language
2405:
2404:
2401:
2400:
2226:maia arson crimew
2221:Graham Ivan Clark
2086:associated events
2069:
2068:
2026:XZ Utils backdoor
1990:Evide data breach
1910:Banco de Oro hack
1789:
1788:
1728:Krebs on Security
1084:Krebs on Security
762:Krebs On Security
249:a five-day window
121:
120:
2438:
2341:
2046:2024 WazirX hack
1895:Epik data breach
1799:
1771:
1770:
1757:
1750:
1743:
1734:
1712:
1711:
1709:
1707:
1692:
1686:
1685:
1683:
1681:
1666:
1660:
1659:
1657:
1655:
1649:BleepingComputer
1641:
1635:
1634:
1632:
1630:
1624:Security Affairs
1615:
1609:
1608:
1607:
1605:
1599:BleepingComputer
1590:
1584:
1583:
1582:
1580:
1565:
1559:
1558:
1547:
1541:
1540:
1538:
1536:
1521:
1515:
1514:
1502:
1496:
1495:
1493:
1491:
1476:
1467:
1466:
1464:
1462:
1457:on 1 August 2022
1453:. Archived from
1443:
1434:
1433:
1431:
1429:
1414:
1405:
1404:
1402:
1400:
1381:
1375:
1374:
1362:
1356:
1355:
1353:
1351:
1336:
1330:
1329:
1327:
1325:
1299:
1293:
1292:
1290:
1288:
1262:
1256:
1255:
1253:
1251:
1236:
1230:
1229:
1227:
1225:
1210:
1204:
1203:
1201:
1199:
1184:
1178:
1177:
1175:
1173:
1167:BleepingComputer
1158:
1149:
1148:
1146:
1144:
1128:
1122:
1121:
1119:
1117:
1101:
1095:
1094:
1092:
1090:
1075:
1069:
1068:
1066:
1064:
1049:
1043:
1042:
1040:
1038:
1032:BleepingComputer
1023:
1017:
1016:
1014:
1012:
997:
991:
990:
988:
986:
980:BleepingComputer
971:
965:
964:
952:
946:
945:
943:
941:
926:
920:
919:
917:
915:
900:
894:
893:
892:
890:
873:
867:
866:
855:
846:
845:
843:
841:
836:. 23 August 2023
826:
817:
816:
808:
802:
801:
799:
797:
782:
773:
772:
770:
768:
753:
742:
741:
739:
737:
722:
716:
715:
713:
711:
705:
694:
686:
673:
672:
670:
668:
653:
647:
646:
644:
642:
627:
618:
617:
615:
613:
602:Security Insider
594:
588:
587:
585:
583:
568:
506:Feira de Santana
363:search engine".
355:server to their
340:Microsoft (2022)
24:
2448:
2447:
2441:
2440:
2439:
2437:
2436:
2435:
2411:
2410:
2408:
2406:
2397:
2376:
2360:
2332:
2244:
2242:vulnerabilities
2235:
2207:
2093:Anonymous Sudan
2065:
2014:
1973:
1914:
1843:
1795:Major incidents
1790:
1764:
1761:
1720:
1715:
1705:
1703:
1694:
1693:
1689:
1679:
1677:
1668:
1667:
1663:
1653:
1651:
1643:
1642:
1638:
1628:
1626:
1617:
1616:
1612:
1603:
1601:
1592:
1591:
1587:
1578:
1576:
1567:
1566:
1562:
1557:. 1 April 2022.
1549:
1548:
1544:
1534:
1532:
1531:. 24 March 2022
1523:
1522:
1518:
1504:
1503:
1499:
1489:
1487:
1478:
1477:
1470:
1460:
1458:
1445:
1444:
1437:
1427:
1425:
1416:
1415:
1408:
1398:
1396:
1395:on 3 April 2022
1383:
1382:
1378:
1364:
1363:
1359:
1349:
1347:
1338:
1337:
1333:
1323:
1321:
1301:
1300:
1296:
1286:
1284:
1264:
1263:
1259:
1249:
1247:
1238:
1237:
1233:
1223:
1221:
1212:
1211:
1207:
1197:
1195:
1186:
1185:
1181:
1171:
1169:
1160:
1159:
1152:
1142:
1140:
1130:
1129:
1125:
1115:
1113:
1103:
1102:
1098:
1088:
1086:
1077:
1076:
1072:
1062:
1060:
1051:
1050:
1046:
1036:
1034:
1025:
1024:
1020:
1010:
1008:
999:
998:
994:
984:
982:
973:
972:
968:
954:
953:
949:
939:
937:
928:
927:
923:
913:
911:
902:
901:
897:
888:
886:
875:
874:
870:
857:
856:
849:
839:
837:
828:
827:
820:
810:
809:
805:
795:
793:
784:
783:
776:
766:
764:
755:
754:
745:
735:
733:
724:
723:
719:
709:
707:
703:
692:
688:
687:
676:
666:
664:
655:
654:
650:
640:
638:
629:
628:
621:
611:
609:
596:
595:
591:
581:
579:
578:. 22 March 2022
570:
569:
565:
561:
519:
478:
462:
443:
429:, and the full
403:
397:
385:
369:
342:
322:
320:T-Mobile (2022)
310:
294:
274:
257:
236:
224:
219:
106:
96:
64:
17:
12:
11:
5:
2446:
2445:
2442:
2434:
2433:
2428:
2423:
2413:
2412:
2403:
2402:
2399:
2398:
2396:
2395:
2390:
2384:
2382:
2378:
2377:
2375:
2374:
2368:
2366:
2362:
2361:
2359:
2358:
2353:
2347:
2345:
2338:
2334:
2333:
2331:
2330:
2324:
2318:
2312:
2306:
2300:
2294:
2288:
2282:
2276:
2270:
2267:PrintNightmare
2264:
2258:
2251:
2249:
2237:
2236:
2234:
2233:
2228:
2223:
2217:
2215:
2209:
2208:
2206:
2205:
2200:
2195:
2193:Sakura Samurai
2190:
2185:
2180:
2175:
2170:
2165:
2160:
2155:
2150:
2145:
2140:
2138:GnosticPlayers
2135:
2130:
2125:
2120:
2115:
2110:
2105:
2100:
2095:
2090:
2089:
2088:
2077:
2075:
2071:
2070:
2067:
2066:
2064:
2063:
2058:
2053:
2048:
2043:
2038:
2033:
2028:
2022:
2020:
2016:
2015:
2013:
2012:
2007:
2002:
1997:
1992:
1987:
1981:
1979:
1975:
1974:
1972:
1971:
1963:
1958:
1953:
1948:
1943:
1938:
1933:
1928:
1922:
1920:
1916:
1915:
1913:
1912:
1907:
1902:
1900:FBI email hack
1897:
1892:
1887:
1882:
1877:
1872:
1867:
1862:
1857:
1851:
1849:
1845:
1844:
1842:
1841:
1836:
1831:
1826:
1821:
1816:
1811:
1805:
1803:
1796:
1792:
1791:
1787:
1786:
1783:
1778:
1769:
1766:
1765:
1762:
1760:
1759:
1752:
1745:
1737:
1731:
1730:
1719:
1718:External links
1716:
1714:
1713:
1687:
1661:
1636:
1610:
1585:
1560:
1542:
1516:
1497:
1468:
1435:
1406:
1376:
1357:
1331:
1294:
1257:
1231:
1205:
1179:
1150:
1123:
1096:
1070:
1044:
1018:
992:
966:
947:
921:
895:
868:
847:
818:
803:
774:
743:
717:
674:
648:
619:
589:
562:
560:
557:
534:remote desktop
524:modus operandi
518:
515:
477:
474:
461:
458:
442:
439:
396:
393:
384:
381:
368:
367:Globant (2022)
365:
341:
338:
321:
318:
309:
308:Ubisoft (2022)
306:
293:
290:
286:Samsung Galaxy
273:
272:Samsung (2022)
270:
266:device drivers
256:
253:
235:
232:
223:
220:
218:
215:
207:Rockstar Games
171:remote desktop
126:, stylised as
119:
118:
115:
111:
110:
107:
104:
101:
100:
97:
94:
91:
90:
73:
69:
68:
65:
62:
59:
58:
55:
51:
50:
44:
40:
39:
36:
32:
31:
28:
15:
13:
10:
9:
6:
4:
3:
2:
2444:
2443:
2432:
2429:
2427:
2424:
2422:
2421:Hacker groups
2419:
2418:
2416:
2409:
2394:
2391:
2389:
2388:Cyclops Blink
2386:
2385:
2383:
2379:
2373:
2370:
2369:
2367:
2363:
2357:
2354:
2352:
2349:
2348:
2346:
2342:
2339:
2335:
2328:
2325:
2322:
2319:
2316:
2313:
2310:
2307:
2304:
2301:
2298:
2295:
2292:
2289:
2286:
2283:
2280:
2277:
2274:
2271:
2268:
2265:
2262:
2259:
2256:
2253:
2252:
2250:
2248:
2243:
2238:
2232:
2229:
2227:
2224:
2222:
2219:
2218:
2216:
2214:
2210:
2204:
2203:Wizard Spider
2201:
2199:
2196:
2194:
2191:
2189:
2186:
2184:
2181:
2179:
2176:
2174:
2171:
2169:
2166:
2164:
2161:
2159:
2156:
2154:
2151:
2149:
2146:
2144:
2141:
2139:
2136:
2134:
2131:
2129:
2126:
2124:
2121:
2119:
2116:
2114:
2111:
2109:
2106:
2104:
2101:
2099:
2096:
2094:
2091:
2087:
2084:
2083:
2082:
2079:
2078:
2076:
2072:
2062:
2059:
2057:
2054:
2052:
2049:
2047:
2044:
2042:
2039:
2037:
2034:
2032:
2029:
2027:
2024:
2023:
2021:
2017:
2011:
2008:
2006:
2003:
2001:
1998:
1996:
1993:
1991:
1988:
1986:
1983:
1982:
1980:
1976:
1970:
1968:
1964:
1962:
1959:
1957:
1954:
1952:
1949:
1947:
1944:
1942:
1939:
1937:
1934:
1932:
1929:
1927:
1924:
1923:
1921:
1917:
1911:
1908:
1906:
1903:
1901:
1898:
1896:
1893:
1891:
1888:
1886:
1883:
1881:
1878:
1876:
1873:
1871:
1868:
1866:
1863:
1861:
1858:
1856:
1853:
1852:
1850:
1846:
1840:
1837:
1835:
1832:
1830:
1827:
1825:
1822:
1820:
1817:
1815:
1812:
1810:
1807:
1806:
1804:
1800:
1797:
1793:
1784:
1782:
1779:
1777:
1774:←
1773:
1772:
1767:
1758:
1753:
1751:
1746:
1744:
1739:
1738:
1735:
1729:
1725:
1722:
1721:
1717:
1702:
1698:
1691:
1688:
1676:
1672:
1665:
1662:
1650:
1646:
1640:
1637:
1625:
1621:
1614:
1611:
1600:
1596:
1589:
1586:
1574:
1570:
1564:
1561:
1556:
1552:
1546:
1543:
1530:
1526:
1520:
1517:
1512:
1508:
1501:
1498:
1486:
1482:
1475:
1473:
1469:
1456:
1452:
1448:
1442:
1440:
1436:
1424:
1420:
1413:
1411:
1407:
1394:
1390:
1386:
1380:
1377:
1372:
1368:
1361:
1358:
1346:
1342:
1335:
1332:
1319:
1315:
1314:Gamer Network
1311:
1310:
1305:
1298:
1295:
1282:
1278:
1274:
1273:
1268:
1261:
1258:
1245:
1241:
1235:
1232:
1220:
1216:
1209:
1206:
1194:
1190:
1183:
1180:
1168:
1164:
1157:
1155:
1151:
1138:
1134:
1127:
1124:
1111:
1107:
1100:
1097:
1085:
1081:
1074:
1071:
1059:
1055:
1048:
1045:
1033:
1029:
1022:
1019:
1007:
1003:
996:
993:
981:
977:
970:
967:
962:
958:
951:
948:
936:
932:
925:
922:
910:
906:
899:
896:
885:
884:
879:
872:
869:
864:
860:
854:
852:
848:
835:
831:
825:
823:
819:
814:
807:
804:
791:
787:
781:
779:
775:
763:
759:
752:
750:
748:
744:
732:
728:
721:
718:
702:
698:
691:
685:
683:
681:
679:
675:
663:
659:
652:
649:
637:
633:
626:
624:
620:
607:
603:
599:
593:
590:
577:
573:
567:
564:
558:
556:
555:in mid 2023.
554:
549:
547:
543:
538:
535:
531:
526:
525:
516:
514:
511:
507:
502:
500:
495:
491:
487:
483:
475:
473:
471:
467:
459:
457:
455:
450:
448:
440:
438:
436:
432:
428:
424:
420:
419:
414:
410:
409:
402:
394:
392:
390:
382:
380:
378:
374:
366:
364:
362:
358:
354:
351:
347:
339:
337:
335:
331:
327:
319:
317:
315:
307:
305:
303:
299:
298:Mercado Libre
291:
289:
287:
283:
279:
271:
269:
267:
262:
255:Nvidia (2022)
254:
252:
250:
246:
241:
233:
231:
229:
216:
214:
212:
208:
204:
199:
195:
191:
187:
183:
178:
176:
172:
168:
164:
160:
155:
153:
149:
145:
141:
137:
133:
129:
125:
116:
112:
108:
102:
98:
92:
89:
85:
81:
77:
76:Spearphishing
74:
70:
67:International
66:
60:
56:
52:
48:
45:
41:
37:
33:
29:
25:
19:
2407:
2198:ShinyHunters
2162:
2098:Berserk Bear
1969:content leak
1966:
1704:. Retrieved
1701:Ars Technica
1700:
1690:
1680:20 September
1678:. Retrieved
1674:
1664:
1654:20 September
1652:. Retrieved
1648:
1639:
1627:. Retrieved
1623:
1613:
1602:, retrieved
1598:
1588:
1577:, retrieved
1572:
1563:
1554:
1545:
1533:. Retrieved
1528:
1519:
1510:
1500:
1488:. Retrieved
1484:
1459:. Retrieved
1455:the original
1450:
1426:. Retrieved
1422:
1397:. Retrieved
1393:the original
1388:
1379:
1370:
1360:
1348:. Retrieved
1344:
1334:
1324:20 September
1322:. Retrieved
1307:
1297:
1287:19 September
1285:. Retrieved
1270:
1260:
1250:17 September
1248:. Retrieved
1243:
1234:
1222:. Retrieved
1219:Ars Technica
1218:
1208:
1196:. Retrieved
1192:
1182:
1170:. Retrieved
1166:
1141:. Retrieved
1136:
1126:
1114:. Retrieved
1109:
1099:
1087:. Retrieved
1083:
1073:
1061:. Retrieved
1057:
1047:
1035:. Retrieved
1031:
1026:Sharma, Ax.
1021:
1009:. Retrieved
1006:Tech Monitor
1005:
995:
985:21 September
983:. Retrieved
979:
969:
960:
950:
938:. Retrieved
934:
924:
912:. Retrieved
908:
898:
887:, retrieved
881:
871:
862:
838:. Retrieved
833:
806:
794:. Retrieved
789:
765:. Retrieved
761:
734:. Retrieved
731:Ars Technica
730:
720:
708:. Retrieved
696:
665:. Retrieved
661:
651:
639:. Retrieved
636:Ars Technica
635:
610:. Retrieved
601:
592:
580:. Retrieved
575:
566:
550:
539:
530:SIM swapping
522:
520:
503:
485:
479:
463:
451:
444:
441:Interactions
426:
416:
412:
406:
404:
386:
370:
343:
323:
311:
302:repositories
295:
275:
258:
248:
237:
225:
179:
167:SIM swapping
156:
148:cyberattacks
144:hacker group
135:
127:
123:
122:
114:Affiliations
95:Membership
80:SIM swapping
54:Headquarters
38:Arion Kurtaj
18:
2273:FORCEDENTRY
2213:Individuals
2133:Ghostwriter
1941:Viasat hack
1604:27 December
1579:27 December
1389:www.fbi.gov
1350:26 December
1139:. Vox Media
1110:Motherboard
889:27 December
736:19 November
460:Composition
431:source code
411:emerged on
383:Uber (2022)
234:Okta (2022)
163:MFA fatigue
2431:Cybercrime
2415:Categories
2261:Thunderspy
2178:OceanLotus
2168:LightBasin
2118:DarkMatter
1675:TechCrunch
1277:Ziff Davis
559:References
399:See also:
373:Luxembourg
47:Cybercrime
2393:Pipedream
2327:Sinkclose
2279:Log4Shell
2247:disclosed
2245:publicly
2143:Guacamaya
2113:Cozy Bear
2081:Anonymous
1809:BlueLeaks
1706:11 August
1461:8 October
1423:Bloomberg
1345:Game Rant
1137:The Verge
1058:The Verge
961:The Verge
909:The Verge
840:23 August
710:11 August
612:8 October
606:Microsoft
494:Unit 221B
490:disclosed
470:Bloomberg
413:GTAForums
346:Microsoft
186:Microsoft
142:-focused
140:extortion
132:Microsoft
84:extortion
27:Formation
2372:Predator
2356:Drovorub
2315:Terrapin
2303:LogoFAIL
2297:Downfall
2291:Retbleed
2255:SMBGhost
2231:Kirtaner
2188:Sandworm
2163:Lapsus$
2123:DarkSide
2103:BlackCat
1781:Timeline
1724:DEV-0537
1629:23 March
1555:BBC News
1535:25 March
1529:BBC News
1428:23 March
1318:Archived
1281:Archived
1224:31 March
1198:23 March
1172:23 March
1143:22 March
1116:21 March
1089:22 April
1063:14 March
1037:23 March
1011:14 March
914:22 March
863:BBC News
834:BBC News
796:24 March
767:24 March
701:Archived
697:CISA.Gov
667:14 March
641:14 March
582:24 March
517:Analysis
447:Telegram
425:code to
357:Telegram
332:and the
326:T-Mobile
175:Telegram
128:LAPSUS$
124:Lapsus$
22:Lapsus$
2351:Adrozek
2337:Malware
2321:GoFetch
2173:LockBit
2158:Killnet
2148:Hafnium
1490:17 July
1485:Reuters
1451:Fortune
1399:5 April
1244:Reuters
940:1 April
790:Reuters
377:Globant
314:Ubisoft
282:Samsung
278:torrent
217:Attacks
194:Samsung
117:Unknown
109:English
88:hacking
72:Methods
63:Region
57:Unknown
35:Founder
2329:(2024)
2323:(2024)
2317:(2023)
2311:(2023)
2309:Reptar
2305:(2023)
2299:(2023)
2293:(2022)
2287:(2022)
2281:(2021)
2275:(2021)
2269:(2021)
2263:(2020)
2257:(2020)
2240:Major
2128:Dridex
2074:Groups
1573:gov.br
1112:. Vice
662:Forbes
466:Oxford
423:Python
353:DevOps
261:Nvidia
192:, and
190:Nvidia
2183:REvil
1776:2010s
1371:Wired
1272:PCMag
1193:Wired
935:Wired
883:ZDNET
704:(PDF)
693:(PDF)
510:Bahia
486:White
418:Bully
350:Azure
2381:2022
2365:2021
2344:2020
2108:Clop
2019:2024
1978:2023
1919:2022
1848:2021
1802:2020
1708:2023
1682:2022
1656:2022
1631:2022
1606:2023
1581:2023
1537:2022
1492:2023
1463:2022
1430:2022
1401:2022
1352:2023
1326:2022
1289:2022
1252:2023
1226:2022
1200:2022
1174:2022
1145:2022
1118:2022
1091:2022
1065:2022
1039:2022
1013:2022
987:2022
942:2022
916:2022
891:2023
842:2023
798:2022
769:2022
738:2023
712:2023
669:2022
643:2022
614:2022
584:2022
452:The
389:Uber
361:Bing
240:Okta
205:and
203:Uber
49:gang
43:Type
30:2021
454:FBI
435:DLC
348:'s
245:RDP
134:as
2417::
1726:-
1699:.
1673:.
1647:.
1622:.
1597:,
1553:.
1527:.
1509:.
1483:.
1471:^
1449:.
1438:^
1421:.
1409:^
1387:.
1369:.
1343:.
1316:.
1312:.
1306:.
1279:.
1275:.
1269:.
1242:.
1217:.
1191:.
1165:.
1153:^
1135:.
1108:.
1082:.
1056:.
1030:.
1004:.
978:.
959:.
933:.
907:.
880:,
861:.
850:^
832:.
821:^
788:.
777:^
760:.
746:^
729:.
695:.
677:^
660:.
634:.
622:^
604:.
600:.
574:.
508:,
501:.
421:,
213:.
188:,
165:,
161:,
86:,
78:,
1756:e
1749:t
1742:v
1710:.
1684:.
1658:.
1633:.
1539:.
1513:.
1494:.
1465:.
1432:.
1403:.
1373:.
1354:.
1328:.
1291:.
1254:.
1228:.
1202:.
1176:.
1147:.
1120:.
1093:.
1067:.
1041:.
1015:.
989:.
963:.
944:.
918:.
844:.
815:.
800:.
771:.
740:.
714:.
671:.
645:.
616:.
586:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.