They believe he’s the mastermind behind the hacks.
Lapsus$, a hacking group, recently made headlines by releasing source codes it claimed to have stolen from Microsoft and Okta. According to Bloomberg, cybersecurity researchers investigating the attacks have linked them to a 16-year-old boy living with his mother near Oxford, England. While the researchers have identified seven accounts associated with the hacking group, including one traced to another adolescent in Brazil, they believe the adolescent from England is the mastermind and is responsible for some of the major Lapsus$ hacks. However, they were unable to link the teen to all of the attacks carried out by the group.
The researchers looked at forensic evidence from the hacks, as well as public information to determine that the teen was indeed involved. Apparently, rival hackers posted the teenager’s details online, including his address and information about his parents. Bloomberg didn’t release the teen’s personal information and only mentioned that he goes by the aliases “White” and “breachbase.” White is reportedly so skilled at hacking and so fast at what he does that researchers previously thought the attacks were automated.
Some cybersecurity researchers believe that the group is motivated by not just money, but also notoriety, seeing as the actor doesn’t cover its tracks. As Microsoft detailed in its investigation of the Lapsus$ attacks, the group even announces its hacks on social media and publicly posts calls for employees willing to sell their company logins. The bad actor also joins targets’ communications channels, such as their Zoom calls, to taunt the people responding to their attacks.
Microsoft said the group started by targeting organizations in United Kingdom and South America, but that it has since expanded to target entities around the world, including government agencies, telecoms, and companies in the health sector. Both Microsoft and Okta admitted that they suffered a security breach, but both claim limited impact from the attacks.
