Friday, April 12, 2024
HomeCyber CrimeTeenage Hacker Attacks Cisco Network Linked to Lapsus$ Gang

Teenage Hacker Attacks Cisco Network Linked to Lapsus$ Gang

 

According to Cisco Systems Inc., it was the target of a cyberattack in which a hacker made many attempts to penetrate the corporate network of the Silicon Valley Company.

After the hacker posted a list of the files it had taken on the dark web on August, Cisco claimed it first learned of a potential compromise on March 24.

All about the Hack

The San Jose, California-based company said in a blog post mentioned that an investigation revealed the hacker gained access to Cisco’s network by breaking into an employee’s personal Google account, which synced their saved passwords online. The attacker then successfully convinced the employee to accept a multifactor push authentication notification to their device by posing as reputable businesses during phone calls. As a result, the hacker was able to access Cisco’s network using the employee’s login information.

In the blog post, Cisco stated that it had “not uncovered any evidence suggesting that the attacker got access to vital internal systems, such as those connected to product development, code signing, etc.” “The sole successful data exfiltration that took place throughout the attack involved the contents of a Box folder linked to a compromised employee’s account. In this scenario, the adversary’s information was not sensitive.

The attack, according to investigators, was carried out by an opponent who has previously been named as an initial access broker for a number of well-known cybercrime organisations, including the UNC2447, Lapsus$, and Yanluowang ransomware operators. Initial access brokers make an effort to obtain elevated access to business computer networks before offering it to additional hackers. Investigators think UNC2447, Lapsus$, and Yanluowang ransomware operators were behind the attack. This opponent has already been identified as an initial access broker for several infamous cybercrime organizations. Before selling it to other hackers, first access brokers make an effort to obtain privileged access to corporate computer networks.

The cybersecurity company Mandiant concluded last year that UNC2447 is a “aggressive financially driven group” that has attacked enterprises with ransomware in North America and Europe. According to Symantec, a ransomware strain called Yanluowang, named after a Chinese god, has been utilised against US businesses since August 2021. The Lapsus$ group was charged with launching a string of well-publicized assaults against tech giants like Okta Inc., Microsoft Corp., and Nvidia Corp. The breach has been reported by Bleeping Computer.

According to Bloomberg News, the alleged mastermind was a 16-year-old British adolescent who lived with his mother.

Cisco claimed to have discovered proof that the hacker was attempting to encrypt files but was unable to do so before being discovered and thrown out. After the attack had been expelled, there were numerous tries to recover access, according to Cisco.

About the Lapsus$ Gang

Researchers looking into the Lapsus$ group hacks claim that the adolescent hacker is very proficient and quick, to the point where his/her activities were initially assumed to be automated.

Major multinational technological companies have been the target of a hacker group’s one-by-one attacks; well-known companies including Microsoft, Nvidia, Ubisoft, and Samsung have already fallen victim. According to a recent revelation, the notorious Lapsus$ hacking organization is being directed by a kid in England.

The allegations come to light as a result of the multiple cybersecurity experts’ continuous investigations of the impacted companies. According to Bloomberg, at least four experts looking into the Lapsus$ hacking have identified the 16-year-old living with his mother not far from Oxford, England, as the attacker.

There is currently no concrete evidence linking the alleged adolescent to any of the Lapsus$ attacks. Researchers suspect that the adolescent may be connected to the hacker gang based on “forensic evidence from the hacks” and publicly available information.

Although the teen’s real name has not yet been made public, his online aliases of “White” and “breachbase” have been verified. According to the report, the alleged hacker’s personal data has already been exposed by adversarial hackers.

According to Bloomberg, the teenager’s mother spoke with reporters for approximately 10 minutes; she appears to be unaware of the charges currently surrounding her child. Law enforcement agencies are not currently involved in the investigation because there isn’t enough solid evidence to do so.

The youngster is very proficient and quick at hacking, according to the cybersecurity researchers, to the point where they initially believed that his/her activities were automated. Another potential member of the Lapsus$ organization, who may be a teenager living in Brazil, has also been located by the investigators. Up to now, seven distinct accounts connected to the hacking gang have been found, indicating the presence of additional Lapsus$ members.

The organization has so far been successful in attacking major technology companies like Microsoft, Nvidia, Samsung, Ubisoft, Okta, , and others. In a blog post acknowledging the hack, Microsoft noted that Lapsus$ tries to “hack companies, steal their data, and demand a ransom to keep it from being released.” The article continued by pointing out that the gang has even been successful in enlisting insiders from their target companies to assist with their hacking.

However, researchers have a more upbeat outlook on the group’s operations and note that they have “poor operational security.” Researchers have now learned a lot about the alleged teenage hackers as a result of this. Given that the gang is quite public about its cyberattacks and activities, according to Microsoft, it might not take long for cybersecurity researchers to identify the individuals responsible for these attacks.

For more such news read here.

 

IEMA IEMLabs
IEMA IEMLabshttps://iemlabs.com
IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with ssyoutube.com
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us