Colin Thierry
Published on: October 21, 2022
The Brazilian Federal Police arrested a suspect on Wednesday who’s likely a member of the LAPSUS$ hacking group. This group is responsible for cyberattacks on large companies like Nvidia, Samsung, 2K Games, Uber, and many others.
LAPSUS$ gained notoriety over the past year because it targeted these large companies while easily compromising their networks and infrastructure. Although their main approach was through social engineering, they also took advantage of any security misconfigurations they found during their attacks.
This recent arrest in Feira de Santana, Brazil was part of Operation Dark Cloud, which began in August of this year. This operation was launched following attacks on the Ministry of Health and dozens of other bodies and entities of the Federal Government, including the Ministry of Economy, Comptroller General of the Union, and the Federal Highway Police.
“The investigations began last December, when the Federal Police became aware that the cloud environment of the Ministry of Health had been attacked,” the Federal Police said in its press release. “At the time, the attackers deleted files, data and instances from the attacked folder, even leading to the compromise of the website connectus.saude.gov.br, responsible for the National Vaccination Certificate.”
“After the attack, when trying to access the Ministry of Health website (www.saude.gov.br), users found a message stating that system data had been copied and deleted and was in the hands of the invading group,” the police added.
LAPSUS$ first began its operations in South America, attacking a variety of systems like Empresa Brasileira de Correios e Telégrafos, Localiza Rent a Car, and multiple other companies. Over time, the hacking group shifted its focus to companies from Europe and North America, which included Electronic Arts, Samsung, Nvidia, Microsoft, and others.
In April of this year, City of London police arrested two teenagers believed to have ties with the LAPSUS$ hacking group. Then, in September, one of those same suspects was arrested by police again under suspicion that he was behind the Rockstar Games and Uber attacks.
