LAPSUS$

March 29, 2022

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

This post was originally published on this siteThere is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death. In the United States, when federal, state or local law enforcement agencies wish to obtain information about who owns […]
March 31, 2022

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

This post was originally published on this siteOn Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes. At issue are forged “emergency data requests,” (EDRs) sent through hacked police or government agency email accounts. Tech companies usually require a search warrant or subpoena before providing customer or user […]
April 6, 2022

The Original APT: Advanced Persistent Teenagers

This post was originally published on this siteMany organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics have put some of the world’s biggest corporations on edge. Since surfacing in late 2021, LAPSUS$ has gained access to the […]
April 22, 2022

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

This post was originally published on this siteKrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to […]