the black series continues, Lapsus$ does not stop

After having forced the door of Nvidia then Samsung, it seems that the group Lapsus$ has again made its own; they are apparently behind the attack that hit Ubisoft at the end of last week.

Last Thursday, the video game giant Ubisoft announced via a press release published on its site that it had dealt with a “security incident” who has “temporarily disrupt certain games, systems and services”. Unfortunately, impossible to know more based on this extremely meager message. But since then, a particularly active player in recent times has come forward; it seems that the troublemaker is once again the group Lapsus$.

It is a small group that has already distinguished itself several times recently. In the space of a month, it has even transformed into a trawler and is not afraid to go fishing for (very) big fish. In less than a month, he even added two real whales to his hunting list by hacking in quick succession the king of graphics cards Nvidia, then the electronics titan Samsung.

And these weren’t ordinary DDoS attacks designed to saturate their servers for a few minutes, far from it. These are attacks that are more elaborate than average and meticulously prepared; they are in fact carried out by high-level pirates who specifically target sensitive data.

Once their loot was recovered, they demanded a ransom from the companies under penalty of leaking the files in question. A threat that they have already carried out at least once, in the case of Nividia; during their raid on the servers of the green team, they had notably recovered Code Signing Certificates which immediately allowed other hackers to produce dangerous and (temporarily) undetectable malware.

Lapsus$ claims the attack again

It now appears that this same group is behind Ubisoft’s hassle; The Verge has indeed spotted an intervention that is certainly discreet, but very evocative of Lapsus$ on a Telegram group that he usually frequents. Given the magnitude of previous incidents, this is a situation to which the brand necessarily pays a lot of attention.

In the initial press release, the company also states that its “IT team collaborates with world-class experts” in order to manage the situation as best as possible. She also announced that she had launched a procedure for enterprise-wide password reset as a precautionary principle. The firm also wants to be reassuring, and said in the latest news that users had no reason to worry about their personal data.

Anyway, Lapsus$ pirates are definitely in great shape this month; we imagine that the other big names in Big Tech have taken note of this activity and that their cybersecurity experts will be on the alert. It now remains to be seen if, or rather when, the pirates will still manage to take the lead in this perpetual game of cat and mouse… and especially if they will add other big names to their already well-stocked hunting list.

Leave a Comment