[German]In 2022, a number of spectacular hacks of Nvidia, Ubisoft, Samsung, Microsoft and other tech companies made headlines. At some point, information emerged that seven teenagers were probably behind the group known as LAPSUS$. Subsequently, arrests were made in the UK and two teenagers were convicted. One of these LAPSUS$ members has now been forcibly committed to a clinic for an indefinite period by a British court – because his abilities pose a threat to the public.
Advertising
The LAPSUS$ hacks
It has already caused quite a stir in 2021/2022 when a number of tech companies fell victim to the hacker group LAPSUS$. In mid-September 2022, it was announced that the US ride-hailing company Uber had been the victim of a hack. An 18-year-old claimed to have hacked into the Uber system "for fun". Uber employees initially thought the whole thing was a joke until the hacker published confidential data. The same was true when the hack at Rockstar Games became known, where source code from GTA 5 and 6 probably fell into the hands of the hacker. The hack and the leak of videos of an unreleased game were probably intended to blackmail the game developer Rockstar Games, with the hacker also claiming to be behind the attack on Uber.
The tweet shown below indicates that the hacker was allegedly able to carry out this hack without his own laptop, using only a hotel TV and a Fire Stick. Subsequently, there were further incidents at Nvidia, Ubisoft, Samsung, Microsoft and other tech companies (see article at the end of the post).
Court orders secured hospitalization
The person responsible for the Rockstar Games hack is the autistic Arion Kurtaj from Oxford (just 18 years old). The hacker was an important member of the internationally active Lapsus$ group. According to this BBC article, a judge in the UK has now ordered Arion Kurtaj to be admitted to a specially secured hospital. Admission to a specially secured hospital is for life, unless the doctors no longer consider him dangerous.
The background to this is that the British judge still considers Kurtaj's abilities and his desire to commit cyber crimes to be a high risk to the public. The court also received reports that Kurtaj had been violent during his detention. There were dozens of reports of injuries or damage to property.
The doctors deemed Kurtaj unfit to stand trial due to his acute autism. So the jury had to decide whether or not he had committed the acts he was accused of – and not whether he had committed them with criminal intent. A mental health report presented at sentencing stated that he "continued to express an intention to return to the Internet as soon as possible".
Advertising
The jury heard that while he was on bail for previous hacks of Nvidia and BT/EE and living under police protection in a Travelodge hotel, he continued to hack and carried out his most notorious hack. Despite having his laptop confiscated, Kurtaj managed to break into Rockstar, the company behind GTA, using an Amazon Firestick, his hotel TV and a cell phone. Kurtaj stole 90 clips of the unreleased and highly anticipated Grand Theft Auto 6.
The hacker broke into the company's internal Slack messaging system and declared: "If Rockstar doesn't contact me via Telegram within 24 hours, I will release the source code". He then posted the clips and the source code in a forum under the username TeaPotUberHacker.
Similar articles
Ride share service provider Uber investigates hack (Sept. 2022)
Rockstar Games leak: source code and many game videos published after hack
Ubisoft hacked by Lapsus$ cyber gang (March 2022)
Cyber attacks on Nvidia and McDonalds (Feb. 25, 2022)
Lapsus$ allegedly publishes source code of Microsoft Azure, Bing and Cortana
Authentication service OKTA hacked by Lapsus$?
Lapsus$ hacks: statements from Okta and Microsoft
Lapsus$ hacker group debunked? Teenager from Britain and Brazil suspected
Chats show: LAPSUS$ had probably also hacked T-Mobile several times
LAPSUS$ exposes security vulnerabilities at tech companies
17 year old arrested in England for Uber hack, member of Lapsus$ group?
