lapsus$ details

Description

Lapsus$ is a cyber extortion group first observed in late 2021, known for high-profile breaches and data theft campaigns against major global companies rather than traditional ransomware encryption. The group primarily focuses on data exfiltration and public leak threats without encrypting victim systems. Lapsus$ uses a combination of social engineering, SIM swapping, MFA fatigue attacks, and purchasing access from insiders or access brokers to infiltrate corporate networks. Their victim list includes Microsoft, Okta, NVIDIA, Samsung, Uber, and telecom operators, with operations targeting multiple regions worldwide. Once inside, Lapsus$ actors exfiltrate source code, proprietary data, and customer information, often leaking samples to pressure victims into negotiation. The group is known for a brash and public-facing style, communicating directly with followers on Telegram channels and occasionally mocking victims. Several members, including minors, have been arrested in the UK, but the group’s activities have persisted in some form.

External Analysis
https://www.bleepingcomputer.com/news/security/lapsus-hacking-group-claims-breach-of-microsoft/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-083a
https://www.trendmicro.com/en_us/research/22/d/lapsus-group-social-engineering.html

External Analysis

https://www.bleepingcomputer.com/news/security/lapsus-hacking-group-claims-breach-of-microsoft/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-083a

https://www.trendmicro.com/en_us/research/22/d/lapsus-group-social-engineering.html

PGP
mDMEaUKlTxYJKwYBBAHaRw8BAQdAD1ZhP2iyaX1067b+BjMgeqehzQuFMFCgNYI10+ppWhu0C0xhcHN1c0dyb3VwiJkEExYKAEEWIQR9D6LiEuOYV2x5cQITHE/zjE2TawUCaUKlTwIbAwUJBa9f4QULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIXgAAKCRATHE/zjE2Ta500AQDBlq95QZyssrL+U9+SK40v8dObzWJqhJ0obn5Hhw8mbAEAjEc5h9BHAR01P/JeQhf1hsEfXXOxJQURyZACnfQQLgy4OARpQqVPEgorBgEEAZdVAQUBAQdApzPnxLPDmHvwAmItZQNGVo+mPRktIrIxAeoZAu4wXWsDAQgHiH4EGBYKACYWIQR9D6LiEuOYV2x5cQITHE/zjE2TawUCaUKlTwIbDAUJBa9f4QAKCRATHE/zjE2TayAgAQD0DeIDSoKfv0YmtJBAgbOVtobsxDunC3YUW9ssD2lZmwEAhfAHQ2RG6tKSCzRmNyn982t1KutucAKkB4KEY9A6gA4==3FdP

PGP

mDMEaUKlTxYJKwYBBAHaRw8BAQdAD1ZhP2iyaX1067b+BjMgeqehzQuFMFCgNYI10+ppWhu0C0xhcHN1c0dyb3VwiJkEExYKAEEWIQR9D6LiEuOYV2x5cQITHE/zjE2TawUCaUKlTwIbAwUJBa9f4QULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIXgAAKCRATHE/zjE2Ta500AQDBlq95QZyssrL+U9+SK40v8dObzWJqhJ0obn5Hhw8mbAEAjEc5h9BHAR01P/JeQhf1hsEfXXOxJQURyZACnfQQLgy4OARpQqVPEgorBgEEAZdVAQUBAQdApzPnxLPDmHvwAmItZQNGVo+mPRktIrIxAeoZAu4wXWsDAQgHiH4EGBYKACYWIQR9D6LiEuOYV2x5cQITHE/zjE2TawUCaUKlTwIbDAUJBa9f4QAKCRATHE/zjE2TayAgAQD0DeIDSoKfv0YmtJBAgbOVtobsxDunC3YUW9ssD2lZmwEAhfAHQ2RG6tKSCzRmNyn982t1KutucAKkB4KEY9A6gA4==3FdP

Telegram
https://t.me/group_LAPSUS

https://t.me/group_LAPSUS

Other
https://x.com/LapsusGroup

Other

https://x.com/LapsusGroup

Url	Status	Screen	Uptime 30d	Health
https://t.me/minsaudebr	Up		100%
https://lapsus.by/	Up		100%

Url

Status

Screen

Uptime 30d

Health

https://t.me/minsaudebr

100%

https://lapsus.by/

100%

Url	Status	Screen	Uptime 30d	Health
http://vunk5dvj634b75xpsj64zvhmglv6xzajcanj4g2gxo34q6ot7il3axqd.onion/	Down		29%
http://tw3wa46dm7avezfqdc3ei5ckxm5cvvz6fae73h3pbxjvrokbxmhkk7yd.onion/	Down		14%

Url

Status

Screen

Uptime 30d

Health

http://vunk5dvj634b75xpsj64zvhmglv6xzajcanj4g2gxo34q6ot7il3axqd.onion/

Down

29%

http://tw3wa46dm7avezfqdc3ei5ckxm5cvvz6fae73h3pbxjvrokbxmhkk7yd.onion/

Down

14%

Date	Title	Description	Screen
2026-03-04	OSAC AERO
2026-03-04	FR MINISTRY AGRI
2026-03-04	LOOZAP
2026-03-04	DREAMUP
2026-03-04	SALESFLOOR
2026-03-04	EIFFAGE
2026-03-04	ADIDAS EXTRANET
2026-03-04	LACOSTE
2026-03-04	UNIV LILLE
2026-03-04	ENI ENERGY

Date

Title

Description

Screen

2026-03-04

OSAC AERO

2026-03-04

FR MINISTRY AGRI

2026-03-04

LOOZAP

2026-03-04

DREAMUP

2026-03-04

SALESFLOOR

2026-03-04

EIFFAGE

2026-03-04

ADIDAS EXTRANET

2026-03-04

LACOSTE

2026-03-04

UNIV LILLE

2026-03-04

ENI ENERGY