LAPSUS (Threat Actor)

SYMBOL	COMMON_NAME	aka. SYNONYMS

LAPSUS (Back to overview)

aka: DEV-0537, LAPSUS$, SLIPPY SPIDER, Strawberry Tempest

An actor group conducting large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements.

Associated Families

There are currently no families associated with this actor.

References

2023-03-01 ⋅ CrowdStrike ⋅ CrowdStrike
Slippy Spider
LAPSUS

2022-03-22 ⋅ Microsoft ⋅ Microsoft Incident Response, Microsoft Threat Intelligence
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
LAPSUS

2022-03-22 ⋅ Microsoft ⋅ Detection and Response Team (DART), Microsoft 365 Defender Threat Intelligence Team, Microsoft Threat Intelligence Center (MSTIC)
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction
RedLine Stealer LAPSUS

2022-03-07 ⋅ Check Point Research ⋅ Check Point
Lapsus$ Ransomware gang uses stolen source code to disguise malware files as trustworthy. Check Point customers remain protected
LAPSUS

Credits: MISP Project