Lapsus$ claims responsibility for attack on software giant Globant
Prolific hacking group Lapsus$ has claimed responsibility for an attack on Luxembourg-based software development consultancy Globant, despite seven of their alleged members being arrested.
Lapsus$ previously asserted that they attacked Microsoft, Nvidia, Okta, and Samsung. It leaked data apparently stolen during the attacks on its public Telegram channel.
Security researcher Dominic Alvieri reported that Lapsus$ leaked 70GB of data from Globant.
Globant is a global consultancy firm with over 30 major clients in the private and public sectors.
Alvieri said that the directory structure of the data in the leak contains Facebook, DHL, BNPParibas, and Abbott. There is also a folder called “apple-health-app”.
The extent of the data contained within these directories is currently unknown.
Additionally, Lapsus$ also leaked the passwords of several of Globant’s system administrators.
VX-Underground, a group that analyses malware trends, said Lapsus$ “threw [Globant’s] system admins under the bus” by exposing that they used incredibly weak passwords for several of their internal systems.
The hacking group publicly posted administrator passwords for Globant’s internal Confluence, Crucible, Jira, and Github systems.
Security researcher Bill Demirkapi has also revealed new information regarding the Lapsus$ attack on Okta.
According to Demirkapi, he obtained a copy of the Mandiant report, which detailed how the hacking group was able to breach the company’s internal systems and what they did once they had access.
He said the report states that Lapsus$ downloaded malware, terminated security software processes, and other acts of cyber-sabotage.
Lapsus$ may also have gained access to Okta’s Domain Administrators credentials by downloading a file called “DomAdmins-LastPass.xlsx” from a compromised system.
MyBroadband contacted Globant for comment, but it did not respond by the time of publication.
Loading ...