The City of London Police has arrested seven teenagers between the ages of 16 and 21 for their alleged connections to the prolific LAPSUS$ extortion gang that’s linked to a recent burst of attacks targeting NVIDIA, Samsung, Ubisoft, LG, Microsoft, and Okta.
It’s not immediately clear if the minor is one among the arrested individuals.
According to security reporter Brian Krebs, the “Ringleader” purchased Doxbin last year, a portal for sharing personal information of targets, only to relinquish control of the website back to its former owner in January 2022, but not before leaking the entire Doxbin dataset to Telegram.
This prompted the Doxbin community to retaliate by releasing personal information on “WhiteDoxbin,” including his home address and videos purportedly shot at night outside his home in the U.K. What’s more, the hacker crew has actively recruited insiders via social media platforms such as Reddit and Telegram since at least November 2021 before it surfaced on the scene in December 2021.
Microsoft characterized the group as an “Unorthodox” group that “Doesn’t seem to cover its tracks” and that uses a unique blend of tradecraft, which couples phone-based social engineering and paying employees of target organizations for access to credentials.
The last message from the group came on Wednesday when it announced that some of its members were taking a week-long vacation: “A few of our members has a vacation until 30/3/2022. We might be quiet for some times. Thanks for understand us – we will try to leak stuff ASAP.”.