Unlocking the Mystery: Comprehensive Analysis and Insights on Strengthening Organizational Defense

Authors

  • Biswajita Mohanty, Independent Researcher, Seattle, USA

DOI:

https://doi.org/10.53469/jrse.2025.07(02).02

Keywords:

Cybersecurity, Lapsus$, Threat Actor, Threat Intelligence, Blue Team Guide, Breach Analysis

Abstract

This paper comprehensively analyzes the attacks and intrusions by the Lapsus$ group. Lapsus$ is notorious for its high-profile attacks on major corporations and governmental entities. This study dives into the modus operandi of Lapsus$ and their tactics, techniques, and procedures (TTPs). This paper analyzes notable cyber compromises to produce actionable insights for organizational cybersecurity enhancements. This research examines case studies of Lapsus$'s significant attacks, including the intrusions into Okta, NVIDIA, and Microsoft, to understand the group's operational patterns, target selection, and the sophisticated nature of its campaigns.

Published

2025-02-27

How to Cite

Mohanty, B. (2025). Unlocking the Mystery: Comprehensive Analysis and Insights on Strengthening Organizational Defense. Journal of Research in Science and Engineering, 7(2), 5–11. https://doi.org/10.53469/jrse.2025.07(02).02

Section

Articles