Following news that Rockstar Games have been hacked, resulting in a data leak (https://www.bbc.co.uk/news/technology-62960828), Louise Ferrett, Threat Intelligence Analyst at Searchlight Security has found by scanning the dark web that:
“Users on cybercriminal and dark web forums are pointing to a member of LAPSUS$ as the perpetrator of the cyberattack against Rockstar that has led to the leak of the latest Grand Theft Auto game. For example, this post on DoxBin accuses the LAPSUS$ member known by the alias ‘White’ for being behind the attack and last week’s attack against Uber:
“As we can see from this screenshot, this is the latest in a series of updates that the user has provided since they originally doxxed (shared the identify of) White back in January:
“It goes without saying that attributions on cybercriminal forums should not be taken as concrete proof, especially since this user clearly harbours a grudge against White. However, the attacks on Rockstar and Uber do fit the pattern of the LAPSUS$ group’s previous attacks, which focused on noteworthy targets and has previously included the gaming company EA, which means it is possible that the user on DoxBin is telling the truth.”
Nadir Izrael, CTO and co-founder of Armis, also adds “a major breach has occurred at Rockstar Games driven by a bad actor seeking to profit from the company’s intellectual property. This incident follows a pattern of criminals seeking to steal intellectual property and attempting to ransom it back to their corporate owners. In this case, the hacker alleges they are also responsible for Uber’s recent data breach, which has potentially put customer personal identifiable information (PII) at risk. Ultimately, the cyberwar is raging around the globe and all entities (public or private) are strongly advised to ensure they are cyber resilient and have strong countermeasures in place. Network intrusions can be complex or as simple as sharing access codes. This intrusion has resulted in the partial leak of Rockstar Games much anticipated Grand Theft Auto 6. While the full extent of damage has yet to be uncovered, the attack highlights the importance of having proper visibility into the asset attack surface, particularly suspicious behaviors within the system. With enough contextual intelligence and the right architecture in place, companies can detect and automatically respond to prevent catastrophes like this.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.