Seven teenagers were arrested by London police on Thursday (March 24) in connection with the recent hacking spree by the Lapsus$ cyber-crime gang that infiltrated Microsoft and Okta this week and recently, Samsung, Ubisoft and Nvidia.
“Seven people between the ages of 16 and 21 have been arrested in connection with an investigation into a hacking group. They have all been released under investigation. Our inquiries remain ongoing,” police said, the BBC reported.
See also: Microsoft: Lapsus$ Hackers Pilfered Source Code
A 16-year-old from Oxford, England, who allegedly reaped $14 million from cyber-crime activities was named by rival hackers and cybersecurity researchers as being one of the masterminds behind Lapsus$. London police, however, haven’t confirmed that he is among the seven teens arrested.
The teen, who is autistic, attends a special school in Oxford. He allegedly used the online aliases “White” or “Breachbase.” Lapsus$ is said to operate from South America.
Read more: Okta Latest Target of Hacker Group Lapsus$
“White” was doxxed on a hacker website following what appears to have been a falling out with partners. His name, address and social media photos were posted. The hackers also posted a rundown of his cyber-thief activities.
“After a few years his net worth accumulated to well over 300BTC [close to $14m]… [he is] now is affiliated with a wannabe ransomware group known as ‘Lapsus$,’ which has been extorting & ‘hacking’ several organizations,” according to the post, the BBC reported.
The boy’s father told the BBC that his family was worried and was trying to prevent him from using his computers.
“I had never heard about any of this until recently. He’s never talked about any hacking, but he is very good on computers and spends a lot of time on the computer. I always thought he was playing games,” the father said.
Cybersecurity researchers were after “White” for nearly a year, Bloomberg reported. He was linked to Lapsus$ as well as to other cyber-crimes.
“We’ve had his name since the middle of last year and we identified him before the doxxing,” Allison Nixon, chief research officer at cyber-security investigation company Unit 221B, told BBC.