Brazilian Federal Police Arrests Suspect Likely Part of LAPSUS$ Hacking Group

Updated on: March 20, 2024
Colin Thierry

The Brazilian Federal Police arrested a suspect on Wednesday who’s likely a member of the LAPSUS$ hacking group. This group is responsible for cyberattacks on large companies like Nvidia, Samsung, 2K Games, Uber, and many others.

LAPSUS$ gained notoriety over the past year because it targeted these large companies while easily compromising their networks and infrastructure. Although its main approach was social engineering, it also took advantage of any security misconfigurations it found during its attacks.

This recent arrest in Feira de Santana, Brazil was part of Operation Dark Cloud, which began in August of this year. This operation was launched following attacks on the Ministry of Health and dozens of other bodies and entities of the Federal Government, including the Ministry of Economy, Comptroller General of the Union, and the Federal Highway Police.

“The investigations began last December, when the Federal Police became aware that the cloud environment of the Ministry of Health had been attacked,” the Federal Police said in its press release. “At the time, the attackers deleted files, data and instances from the attacked folder, even leading to the compromise of the website connectus.saude.gov.br, responsible for the National Vaccination Certificate.”

“After the attack, when trying to access the Ministry of Health website (www.saude.gov.br), users found a message stating that system data had been copied and deleted and was in the hands of the invading group,” the police added.

LAPSUS$ first began its operations in South America, attacking a variety of systems like Empresa Brasileira de Correios e Telégrafos, Localiza Rent a Car, and multiple other companies. Over time, the hacking group shifted its focus to companies from Europe and North America, which included Electronic Arts, Samsung, Nvidia, Microsoft, and others.

In April of this year, City of London police arrested two teenagers believed to have ties with the LAPSUS$ hacking group. Then, in September, one of those same suspects was arrested by police again under suspicion that he was behind the Rockstar Games and Uber attacks.

About the Author

Colin Thierry is a former cybersecurity researcher and journalist for SafetyDetectives who has written a wide variety of content for the web over the past 2 years. In his free time, he enjoys spending time outdoors, traveling, watching sports, and playing video games.