Lapsus$, stylised as LAPSUS$ and classified by Microsoft as Strawberry Tempest and more recently identified as or a part of ShinyHunters, is an international extortion-focused hacker group known for its various cyberattacks against companies and government agencies. The group was active in several countries, and has had its members arrested in Brazil and the UK in 2022. According to City of London Police at least two of the members were teenagers.
Lapsus$, stylised as LAPSUS$ and classified by Microsoft as Strawberry Tempest and more recently identified as or a part of ShinyHunters, is an international extortion-focused hacker group known for its various cyberattacks against companies and government agencies. The group was active in several countries, and has had its members arrested in Brazil and the UK in 2022. According to City of London Police at least two of the members were teenagers.
Lapsus$ uses a variety of attack vectors, including social engineering, MFA fatigue, SIM swapping, and targeting suppliers. Once the group has gained the credentials to a privileged employee within the target organisation, the group then attempts to obtain sensitive data through a variety of means, including using remote desktop tools. Attempts at extortion follow. Initially, the messaging app Telegram had been used for communications to the public, including recruitment and posting sensitive data from their victims.
Discovered by embedding cosine similarity (sentence-transformers MiniLM, 384-dim).