Is a simple emoji worth the bet? In a brief but vague message posted on Telegram on Saturday, March 12, a purported spokesperson for the Lapsus$ hacker group suggested that the group was behind a computer attack targeting video game giant Ubisoft.
On Thursday, the French company said in a press release that a “cyber security incident” temporarily affected some of the company’s computer systems. With “precaution”The French studio also claimed that the company’s passwords were reset. “To date, there is no evidence that the player’s personal data was exposed or accessed as a result of this incident”The company added.
As expert site LeMagIT points out, a company-wide password reset indicates that the company suspects an actor has hacked into its network or that some access has been compromised.
In recent weeks, the Lapsus$ group has claimed responsibility for several cyberattacks targeting other major start-ups, each time bolstered by the release of classified documents stolen from those companies. However, to date, the group has not released any documents or additional information regarding a possible attack targeting Ubisoft.
A group specializing in data theft
most way of working Suspected to operate in a South American country due to the location of the initial victims, the criminal organization of Lapsus$ is unlike many blackmailing cybercriminal groups. Many of the big players in this industry infiltrate their victims’ computer networks, leaking data from targeted companies, then distributing ransomware, a virus that paralyzes computers on the network by encrypting all the files there. They then demand a ransom in exchange for the decryption key and release the stolen data in drops to put pressure on the victims.
In the case of Lapsus$, however, the attacks attributed to the group show that its members use little or no ransomware. These hackers seem pretty proficient at data theft, but we don’t know if they’re asking their victims to pay for their information not to be distributed. In a message cited by the VX-Underground collective specializing in malware and cybercrime, a supposed member of the group explained don’t use ransomware, “We do not encrypt data, we only steal the most confidential valuable information. »
In February, computer hardware giant, and especially graphics cards maker Nvidia, suffered data hacking and theft alleged by the Lapsus$ group. According to an internal company source quoted by Bloomberg, it was a minor ransomware attack. “Our business activities continue uninterrupted”, had announced the manufacturer in a press release at the time. For its part, the group began posting internal documents on its Telegram channel on February 28. world could not confirm its accuracy.
Earlier in March, Lapsus$ began publishing data it claimed to have stolen from another major manufacturer, Samsung Electronics. A few days later, the company confirmed that it had suffered a computer attack that allowed internal data to be stolen. “According to our initial analysis, the leak contains source codes for Galaxy devices, but not personal data from our customers and employees.”The company added in a statement.
Finally, Lapsus$ also claimed to have stolen confidential data from phone operator Vodafone: the company has announced that it has launched an investigation into these allegations.