A teen is reportedly the mastermind behind the Lapsus$ hacking group

Investigation into a string of hacks that have hit technology companies similar Microsoft, Nvidia Corp and most recently Okta has traced these hacks to an autistic 16-twelvemonth-old male child who goes by the online monikers ‘White’ and ‘breachbase,’ living at his mother’s business firm near Oxford, England.

Reports take failed to identify the sixteen-year-old considering he is a minor. Reports only described the suspect as autistic and attending a special education school in Oxford. The teen lives with his mother in a modest abode located well-nigh 5 miles away from the world-renowned Oxford University.  He was likewise reported to accept declared earned a jaw-dropping $14million through his hacking activities.

Near iv Cyber security experts and researchers who were hired to investigate the hacking group Lapsus$, on behalf of the attacked companies, have said they believe the 16-twelvemonth-quondam teenager is the mastermind. Lapsus$ is a hacking group that has been responsible for a number of high-profile hack incidents that has puzzled cyber security experts. Although the motivation behind the hackers still remains unclear, however many wonder what the motivation might be if non money.

For now, the researchers believe the 16-yr-onetime may be backside some of the biggest hacks carried out by hacking grouping Lapsus$, the researchers are however to conclusively tie him to every hacking incident Lapsus$ has claimed. The cyber researchers accept only been able to link teens to the hacking group based on forensic show pertaining to the hack as well as information scrabble here and there from the public.

According to the investigations, another suspected member of the hacking group Lapsus$ is a teenager who currently resides in Brazil. Reports say that 7 unique accounts accept been identified by the cyber security researchers to be associated with the hacking grouping. This however brings united states to a conclusion that several others are virtually probable involved in the grouping’s operations. One of the researchers has disclosed that the teen is so fast and skilled at hacking that even researchers initially pictured there were automatic. The London police have announced that vii people have been arrested, between ages 16-21, in connection with the Lapsus$ hacks, but the agency did not say whether the alleged mastermind was among those detained. Police have as well stated that all vii suspects have been released pending the outcome of the investigation.

Severally Lapsus$ accept ridiculed their victims by publicly leaking their source code and internal documents. The most recent Lapsus$ exercise surfaced when the group revealed to the public proofs of the Okta alienation. This movement past the group has ultimately sent the company into a public-relations crisis. With approximately 2.5 per cent of her customer base data viewed and potentially been impacted the visitor. In a statement by Okta, an engineer at a 3rd-political party vendor was breached. Okta is a company that has more than than 15,000 customers globally—including multinational companies, universities and governments—who rely on Okta’s software to deeply manage admission to their systems and verify users’ identities.

In a blog postal service, Microsoft too confirms to take been hacked past Lapsus$. The company discloses that the grouping choose to embark on a “large-scale social engineering and extortion campaign against multiple organizations.” The group’s primary mode and practise are to hack companies, steal their data and make a ransom demand for it. Microsoft tracks Lapsus$ as “DEV-0537,” and further disclosed that the grouping wasn’t acting alone, but depends on insiders inside the victimized companies to aid in their hacks. According to ii of the researchers, the Lapsus$ hacking group lacked proper operational security which allowed the cyber security companies to gain Intel knowledge about the teenage hackers.

Lapsus$, which is believed to exist based in South America, has not been shy about its illegal online exploits. The group started targeting organizations in the UK and Southward America before setting its sights on international targets, including governments, tech companies, media, retail and healthcare sectors.