Brazilian police arrested a man suspected of being a member of LAPSUS$ gang

The Federal Police of Brazil arrested an individual who is suspected of being a member of the notorious LAPSUS$ extortionist group.

The Federal Police of Brazil yesterday announced the arrest of an individual suspected of being linked to the LAPSUS$ extortionist gang. The authorities did not disclose info about the individual, it seems that the suspect is a teenager.

The arrest is the result of an international police operation codenamed Operation Dark Cloud that was launched in August 2022.

“The investigations carried out are a result of Operation Dark Cloud, launched in August of this year, which aimed to collect information in a police investigation that investigates the activity of a possible criminal organization, formed with the aim of promoting various cyber attacks, especially those carried out at the end of 2021, against the Ministry of Health and dozens of other bodies and entities of the Federal Government” reads a statement published by the Federal Police.

The Brazilian police, the Polícia Federal, launched its investigation in December 2021 after the website of Brazil’s Ministry of Health suffered a data breach. Threat actors stole 50TB of data and deleted COVID-19 vaccination data of millions of Brazilian citizens.

The Lapsus$ gang claimed responsibility for the attack, the group also hit other federal government websites, including the Ministry of Economy, Comptroller General of the Union, and the Federal Highway Police.

“The crimes determined in the police investigation are those of criminal organization, invasion of a computer device, interruption or disturbance of telegraphic, radiotelegraphic or telephone service, preventing or hindering its restoration. It was also found the practice of corruption of minors, a crime provided for in the Statute of Children and Adolescents, and money laundering, according to Law No. 9,613/1998.” continues the statement.

Over the last months, the Lapsus$ gang compromised many high-profile companies such as NVIDIA, Samsung, Ubisoft, Mercado Libre, Vodafone, Microsoft, Okta, and Globant.

Last month, the City of London Police arrested a 17-year-old teenager on suspicion of hacking, however, experts believe the arrest could be linked to the recent security breaches suffered by Uber and Rockstar Games.

Uber revealed that the threat actor behind the intrusion is affiliated with the LAPSUS$ hacking group.

The threat actor behind the Uber hack, which goes online by the moniker Tea Pot (aka teapotuberhacker), also claimed to have Rockstar Games, the gaming firm behind GTA 6.

The arrest is the result of a joint investigation conducted by City of London Police with the U.K. National Crime Agency’s cybercrime unit.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, LAPSUS$)

[adrotate banner=”5″]

[adrotate banner=”13″]