After the announcement of his return, the hackers sent his Telegram group -made up of 54 thousand members- images of extracted data and credentials pertaining to the company’s DevOps infrastructure. From folders with global companies -such as Banco Galicia, DHL, Facebook and Stifel- until GB of Globant source codethey shared administrator passwords and the code review tool crucible.

Globant.jpg

What is the Lapsus$ group

The Lapsus$ group meets the characteristics of a “advanced persistent threat” (APT)what’s wrong with it high value targets, such as countries and large corporations. and extort through ransomware (data hijacking).

Industry experts say that their intention is “collect a ransom” for the stolen data. usually exists fear for the security of the hacked platform since criminals have information that can allow them to continue carrying out new attacks and/or scams on users.

hacker pixabay

Lapsus$ is believed to have its headquarters in Brazil and it is in the crosshairs of security researchers since 2020. He gained notoriety last year when he took credit for attacking the Ministry of Health of Brazil.