Serial offenders confess to IT attack on Jaguar Land Rover
Three British criminal gangs have apparently joined forces. They brag about the IT attack on Jaguar Land Rover.
The perpetrators are likely to be young Britons.
(Image: Daniel AJ Sokolov)
Following an IT attack on Jaguar Land Rover, production and sales in the UK have come to a standstill. On Tuesday, numerous employees were sent home because they cannot work without the IT systems that were shut down. Public confessions of the crime have now emerged on a messaging app.
A gang called Scattered Lapsus$ Hunters bragged about the crime and posted screenshots as proof of the successful intrusion into Jaguar Land Rover's (JLR) computers. This is reported by the BBC (British Broadcasting Corporation). The postings are in English. In addition, a person posing as a spokesperson for the gang has communicated in English in text messages that have not been publicly exchanged.
This indicates that JLR is being blackmailed. The car manufacturer has not yet provided any details on the procedure, the nature of the copied data, or any demands for money. Only this much: there are currently no indications that customer data has been downloaded.
Young Brits
Another indication, apart from the choice of language, that points to domestic perpetrators is the name the group has given itself. It is apparently intended to indicate that they are scattered members of three criminal groups made up mainly of young Britons. These include Scattered Spider, which attacked retailers M&S (Marks & Spencer), Co-op and Harrods in April and May. In July, a 20-year-old woman, two 19-year-old men, and a 17-year-old boy were arrested in England.
Videos by heise
Lapsus$ has been known to attack prominent establishments for years: Rockstar Games, the Brazilian Ministry of Health, Nvidia, Samsung, Ubisoft, T-Mobile, Microsoft, Uber and British Telecom are among the known victims. At the end of 2023, an underage Briton was found guilty, and a countryman who had just reached adulthood was sent to a forensic psychiatric ward. His desire to commit further IT crimes is so great that he had to be classified as a danger to the public. The third member of the group, Shinyhunters, is best known for the break-in at Ticketmaster and the former cooperation of Breachforum.
The perpetrators are not sophisticated Zeroday experts, but have so far mainly used methods from the social engineering toolbox to sneak into company networks. The criminals then extract data, blackmail their victims, and flaunt it online. According to the BBC, the perpetrators have come together via the underground social network The Com (The Community), which law enforcement agencies such as the British National Crime Agency and the FBI have publicly warned against.
(ds)
