If you are not living under a rock, you probably have heard of the massive Rockstar hack that resulted in the leak of over 90 videos of the much-awaited Grand Theft Auto VI game. We have covered the story in much more detail, which you can read here. While the breach is still being investigated, as of now it seems the hacker was able to access Rockstar Games’ internal Slack messages, and access all the content from there.
An Uber EXT contractor had their account compromised by an attacker. It is likely that the attacker purchased the contractor’s Uber corporate password on the dark web, after the contractor’s personal device had been infected with malware, exposing those credentials. The attacker then repeatedly tried to log in to the contractor’s Uber account. Each time, the contractor received a two-factor login approval request, which initially blocked access. Eventually, however, the contractor accepted one, and the attacker successfully logged in.
In another hack, in the same breath, Uber’s internal systems were compromised. This time around too, the hacker was able to access all this information by breaking into the company’s Slack channels. While the full scope of the hack is still being investigated, screenshots leaked by the attacker paints a very disturbing picture. What’s more, US investigation authorities now think that both the Rockstar Games, and the Uber hack could be perpetrated by the same group, called the Lapsus$ crime group.
And there’s good reason for it too, as previous hacks by the group, on other companies follow a similar modus operandi, where the attackers get access to the company’s internal messaging platforms through phishing methods.
The group’s mastermind, a 16-year-old boy was arrested earlier this year by the UK police in Oxford. The City of London police force also arrested seven other teenagers for allegedly sharing connections with the infamous hacking group. It is possible that the recent attacks were perpetrated by other members of the Lapsus$ crime group, or that this is some other group entirely, trying to pose as the Lapsus$ members, by following their modus operandi.
Whenever such big breaches occur, there is actually a very serious investigation conducted by the Feds and other US authorities. In most cases the attackers are caught, unless they are state sponsored attackers or are located in places where extradition isn’t an option. As for the current Uber and Rockstar hacks, both the FBI and Department of Justice are investigating it, although they have nothing new to share at this point.