Cyber Crime

Brazilian police arrested a man suspected of being a member of LAPSUS$ gang

The Federal Police of Brazil arrested an individual who is suspected of being a member of the notorious LAPSUS$ extortionist group.

The Federal Police of Brazil yesterday announced the arrest of an individual suspected of being linked to the LAPSUS$ extortionist gang. The authorities did not disclose info about the individual, it seems that the suspect is a teenager.

The arrest is the result of an international police operation codenamed Operation Dark Cloud that was launched in August 2022.

“The investigations carried out are a result of Operation Dark Cloud, launched in August of this year, which aimed to collect information in a police investigation that investigates the activity of a possible criminal organization, formed with the aim of promoting various cyber attacks, especially those carried out at the end of 2021, against the Ministry of Health and dozens of other bodies and entities of the Federal Government” reads a statement published by the Federal Police.

The Brazilian police, the Polícia Federal, launched its investigation in December 2021 after the website of Brazil’s Ministry of Health suffered a data breach. Threat actors stole 50TB of data and deleted COVID-19 vaccination data of millions of Brazilian citizens.

The Lapsus$ gang claimed responsibility for the attack, the group also hit other federal government websites, including the Ministry of Economy, Comptroller General of the Union, and the Federal Highway Police.

“The crimes determined in the police investigation are those of criminal organization, invasion of a computer device, interruption or disturbance of telegraphic, radiotelegraphic or telephone service, preventing or hindering its restoration. It was also found the practice of corruption of minors, a crime provided for in the Statute of Children and Adolescents, and money laundering, according to Law No. 9,613/1998.” continues the statement.

Over the last months, the Lapsus$ gang compromised many high-profile companies such as NVIDIASamsungUbisoft, Mercado Libre, VodafoneMicrosoftOkta, and Globant.

Last month, the City of London Police arrested a 17-year-old teenager on suspicion of hacking, however, experts believe the arrest could be linked to the recent security breaches suffered by Uber and Rockstar Games.

Uber revealed that the threat actor behind the intrusion is affiliated with the LAPSUS$ hacking group.

The threat actor behind the Uber hack, which goes online by the moniker Tea Pot (aka teapotuberhacker), also claimed to have Rockstar Games, the gaming firm behind GTA 6.

The arrest is the result of a joint investigation conducted by City of London Police with the U.K. National Crime Agency’s cybercrime unit.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, LAPSUS$)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

6 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

12 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

1 day ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.