SYMBOLCOMMON_NAMEaka. SYNONYMS

LAPSUS  (Back to overview)

aka: LAPSUS$, DEV-0537, SLIPPY SPIDER

An actor group conducting large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements.

Associated Families

There are currently no families associated with this actor.

References
2023-03-01CrowdStrikeCrowdStrike
@online{crowdstrike:20230301:slippy:b2f0c0a, author = {CrowdStrike}, title = {{Slippy Spider}}, date = {2023-03-01}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/adversaries/slippy-spider/}, language = {English}, urldate = {2023-03-13} } Slippy Spider
LAPSUS
2022-03-22MicrosoftMicrosoft Threat Intelligence Center (MSTIC), Detection and Response Team (DART), Microsoft 365 Defender Threat Intelligence Team
@online{mstic:20220322:dev0537:eea56dc, author = {Microsoft Threat Intelligence Center (MSTIC) and Detection and Response Team (DART) and Microsoft 365 Defender Threat Intelligence Team}, title = {{DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction}}, date = {2022-03-22}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/}, language = {English}, urldate = {2022-08-05} } DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction
RedLine Stealer LAPSUS
2022-03-07Check Point ResearchCheck Point
@online{point:20220307:lapsus:007ba79, author = {Check Point}, title = {{Lapsus$ Ransomware gang uses stolen source code to disguise malware files as trustworthy. Check Point customers remain protected}}, date = {2022-03-07}, organization = {Check Point Research}, url = {https://blog.checkpoint.com/2022/03/07/lapsus-ransomware-gang-uses-stolen-source-code-to-disguise-malware-files-as-trustworthy-check-point-customers-remain-protected/}, language = {English}, urldate = {2022-03-25} } Lapsus$ Ransomware gang uses stolen source code to disguise malware files as trustworthy. Check Point customers remain protected
LAPSUS
Credits: MISP Project