A hacking group calling itself Lapsus$ not too long ago made waves by releasing sources codes it claimed to have stolen from Microsoft and Okta. Now, cybersecurity researchers investigating the assaults have traced them to a 16-year-old dwelling along with his mom close to Oxford, England, in line with Bloomberg. While the researchers have recognized seven accounts related to the hacking group — together with one traced to a different teenager in Brazil — they consider {the teenager} from England is the mastermind and is behind a number of the main Lapsus$ hacks. However, they weren’t in a position to join the teenager to all of the assaults the group carried out.

The researchers checked out forensic proof from the hacks, in addition to public info to find out that the teenager was certainly concerned. Apparently, rival hackers posted {the teenager}’s particulars on-line, together with his tackle and details about his mother and father. Bloomberg did not launch the teenager’s private info and solely talked about that he goes by the aliases “White” and “breachbase.” White is reportedly so expert at hacking and so quick at what he does that researchers beforehand thought the assaults have been automated. 

Some cybersecurity researchers consider that the group is motivated by not simply cash, but additionally notoriety, seeing because the actor would not cowl its tracks. As Microsoft detailed in its investigation of the Lapsus$ assaults, the group even pronounces its hacks on social media and publicly posts calls for workers keen to promote their firm logins. The dangerous actor additionally joins targets’ communications channels, corresponding to their Zoom calls, to taunt the individuals responding to their assaults.

Microsoft stated the group began by focusing on organizations in United Kingdom and South America, however that it has since expanded to focus on entities around the globe, together with authorities businesses, telecoms, and firms within the well being sector. Both Microsoft and Okta admitted that they suffered a safety breach, however each declare restricted impression from the assaults.