Brazilian Police Arrest Suspected Member of Lapsus$ Hacking Group

The Federal Police of Brazil on Wednesday announced it had
arrested an individual for purported links to the notorious LAPSUS$
extortionist gang.

The arrest was made as part of a new law enforcement effort,
dubbed Operation Dark Cloud, that was launched in August 2022, the
agency noted. Not much is known about the suspect other than the
fact that the person could be a teenager.

The Polícia Federal said it commenced its investigation in
December 2021 following an attack on websites under Brazil’s
Ministry of Health ^[1], resulting in the
alleged exfiltration of 50TB of data and temporary unavailability ^[2] of COVID-19 vaccination
data of millions of citizens.

Other federal government portals targeted by the LAPSUS$ group
in Brazil include the Ministry of Economy, Comptroller General of
the Union, and the Federal Highway Police.

“The crimes determined in the police investigation are those of
criminal organization, invasion of a computer device, interruption
or disturbance of telegraphic, radio, telegraphic or telephone
service, preventing or hindering its restoration,” it said ^[3].

Israeli cybersecurity firm Check Point, earlier this March,
characterized ^[4]
the cybercrime crew as a “Portuguese hacking group from
Brazil.”

The findings come after the City of London Police arrested seven individuals ^[5] from the U.K. in late
March 2022, subsequently charging two of the juvenile
defendants ^[6] for breaking into
computer systems and carrying out proprietary data theft.

The LAPSUS$ gang, in less than a year, has attracted worldwide
notoriety for their headline-grabbing attacks on Microsoft ^[7], Cisco ^[8], Samsung ^[9], NVIDIA ^[10], Okta ^[11], Ubisoft ^[12], Globant ^[13], T-Mobile ^[14], Mercado Libre, and
Vodafone.

The group’s earliest intrusions were primarily aimed at
Brazilian and South American institutions, before its members
branched out to targeting other companies located in Europe and the
U.S.

Last month, the City of London Police disclosed it had apprehended ^[15] a 17-year-old teen from
Oxfordshire, who is alleged to be LAPSUS$’s ringleader, in
connection with cyber attacks on Uber ^[16] and Rockstar Games ^[17].

References

^{^}
Ministry
of Health (www.bitdefender.com)
^{^}
temporary unavailability
(www.gov.br)
^{^}
said
(www.gov.br)
^{^}
characterized
(thehackernews.com)
^{^}
arrested
seven individuals (thehackernews.com)
^{^}
charging
two of the juvenile defendants
(thehackernews.com)
^{^}
Microsoft
(thehackernews.com)
^{^}
Cisco
(thehackernews.com)
^{^}
Samsung
(thehackernews.com)
^{^}
NVIDIA
(thehackernews.com)
^{^}
Okta
(thehackernews.com)
^{^}
Ubisoft
(thehackernews.com)
^{^}
Globant
(thehackernews.com)
^{^}
T-Mobile
(thehackernews.com)
^{^}
apprehended
(thehackernews.com)
^{^}
Uber
(thehackernews.com)
^{^}
Rockstar Games
(thehackernews.com)