In September 2022, Uber informed that it believed it was hacked by LAPSUS$, a cybercriminal gang with a hefty track record that is thought to be composed largely of teenagers. On Wednesday, the Federal Police of Brazil announced it had arrested an individual for purported links to the notorious LAPSUS$. The arrest was made as part of a new law enforcement effort, dubbed Operation Dark Cloud, that was launched in August 2022.
The Polícia Federal said it commenced its investigation in December 2021 following an attack on websites under Brazil’s Ministry of Health. This resulted in the alleged exfiltration of 50TB of data and the temporary unavailability of COVID-19 vaccination data of millions of citizens. Other federal government portals targeted by the LAPSUS$ group in Brazil include the Ministry of Economy, the Comptroller General of the Union, and the Federal Highway Police.
The LAPSUS$ gang has attracted worldwide notoriety for their headline-grabbing attacks on Microsoft, Cisco, Samsung, NVIDIA, Okta, Ubisoft, Globant, T-Mobile, Mercado Libre, Uber, and Vodafone. Israeli cybersecurity firm Check Point characterized the cybercrime crew as a “Portuguese hacking group from Brazil.”
In March, the City of London Police arrested seven teenagers between the ages of 16 and 21 for their alleged connections to the prolific LAPSUS$ extortion gang.
