With a succession of high-profile security breaches and ransom demands in 2021 and 2022, the Lapsus$ hacking group wreaked havoc. However, things have been relatively quiet since then, with two accused members of the group recently convicted in the United Kingdom, potentially bringing an end to one of the most prominent hacking sprees in recent memory.
According to Bloomberg and the BBC, two people suspected of being gang members were convicted in the United Kingdom of a variety of offenses, including major computer misuse, extortion, and fraud. Arion Kurtaj, 18, and a 17-year-old guy who could not be identified due to his age were among the defendants. Kurtaj and the other defendants are both autistic, and psychiatrists determined that Kurtaj was not fit to stand trial, thus he did not testify. Both will be sentenced at a later date.
The allegations stemmed from a string of hacking instances including Nvidia, BT Group, Uber, the EE cell network, and Rockstar Games. The latter resulted in the release of gameplay footage and files from the company's unannounced title Grand Theft Auto 6.
Kurtaj allegedly carried out the Rockstar hack after police transported him to a hotel for his safety. He was allegedly "doxxed" by rival hackers, which means his personal information was revealed, and the police placed him in a hotel under bail conditions that included an internet ban.
Nonetheless, Kurtaj appeared to continue his hacking. He broke into Rockstar's systems, downloaded unpublished game video, and threatened to broadcast it online if the firm did not respond within 24 hours. When the authorities searched his room, he was "caught red-handed" with internet-connected devices, in violation of his bail conditions.
Hacking for notoriety
Lapsus$ breaches are typically associated with the theft of company data. Following that, the gang would demand a ransom and threaten companies with the release of important files and information if the ransom was not paid. The attention-seeking aspect of Lapsus$ heists was defined, with participants frequently gloating online about their crimes.
Typically, lapsesus$ breaches are related with the loss of enterprise data. The group would then demand a ransom and threaten organizations with the release of critical files and information if the ransom was not paid. Lapsus$ heists were characterised by their attention-seeking nature, with participants frequently bragging online about their crimes.
Some members of the group are thought to still be at large, but it’s clear that the gang that shocked the security world has been largely dismantled. Whether the remaining members make a comeback is anyone’s guess.