FBI adds LAPSUS$ data extortion gang to its “Most Wanted” list

FBI adds LAPSUS$ data extortion gang to its "Most Wanted" list

The FBI is calling on members of the public to help it uncover members of an increasingly-notorious cybercrime gang.

The LAPSUS$ group, which is thought to consist largely of computer-savvy teenagers, has been behind a wave of attacks that have gained unauthorised access to large tech firms and leaked their data.

Corporate victims have included Microsoft, NVIDIA, Ubisoft, Samsung, Globant, and Okta.

Sign up to our free newsletter.
Security news, advice, and tips.

Members of the gang have been posting on a publicly-accessible Telegram chat room, bragging about their unauthorised access to the systems of organisations, and then posting links to the data they have stolen.

Lapsus brags

The most recent victim is international IT and software development firm Globant, which acknowledged it had suffered a security breach after LAPSUS$ first shared the news to its followers.

LAPSUS$ has since shared a link to 73GB of data stolen from Globant, containing customer source code and private keys related to projects for corporate clients.

In its notice the FBI says it is seeking information regarding the identities of the individuals responsible for the breaches, but has not yet offered a monetary reward.

It will be interesting to see whether the FBI or other law enforcement agencies do choose to offer a bounty for information leading to the identification and apprehension of members of LAPSUS$, or whether the group will simply unravel due to its own gobbiness.

If you do have any information, you are invited to contact your local FBI office, or the nearest American Embassy or Consulate.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.