The Brazilian Federal Police announced on October 19, 2022, that a Brazilian citizen that is believed to be a member of the Lapsus$ extortion gang was detained.

The suspect arrested in Feira de Santana, Bahia, is accused of taking part in the attack on the Brazilian Ministry of Health and many other cyberattacks.

The Brazilian Attacks and Operation Dark Cloud

In the Brazilian Ministry of Health attack “the attackers deleted files and defaced the Ministry of Health website to display a message where the Lapsus$ hacking group claimed the attack and said it had stolen data from the ministry’s network”, according to Bleeping Computer.

The Ministry of Health was not the only Brazilian target of the Lapsus$ group, their repertoire includes dozens of other targets from the Brazilian Federal Government bodies and entities, like the Ministry of Economy, the Comptroller General of the Union, and the Federal Highway Police.

The authorities launched Operation Dark Cloud in August 2022 to collect information about the threat actor behind these cyberincidents, all taking place since the end of 2021. Operation Dark Cloud led to the arrest made by the Brazilian Federal Police.

“The crimes determined in the police investigation are those of criminal organization, invasion of a computer device, interruption or disturbance of telegraphic, radiotelegraphic or telephone service, preventing or hindering its restoration,” said the Brazilian Federal Police, according to Bleeping Computer.

Lapsus$ Members Hunted All Over the World

In March 2022 seven individuals suspected of having ties to the gang were arrested by the City of London Police. Only two of them were accused of assisting the Lapsus$ group on April 2022, but both were released on bail.

The FBI is also after gang members for compromising computer networks belonging to US-based companies.

Individuals from a group identifying themselves as Lapsus$ posted on a social media platform and alleged to have stolen source code from several United States-based technology companies. These unidentified individuals took credit for both the theft and dissemination of proprietary data that they claim to have illegally obtained. The FBI is seeking information regarding the identities of the individuals responsible for these cyber intrusions.


It is unknown how many members the extortion group has, but the majority are believed to be teenagers motivated primarily by a desire to make a name for themselves in hacking rather than by money.

Based on Telegram messages, they seem to be scattered worldwide as they communicate among them in multiple languages, including English, Russian, Turkish, German, and Portuguese.

Lapsus$ has been behind attacks on high-profile tech companies like Microsoft, Nvidia, Samsung, Ubisoft, Okta, Vodafone, and Mercado. In most of the attacks, the group also stole important information such as source code and proprietary data that later leaked online.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

19-Year-Old Arrested for Allegedly Using Leaked Optus Customer Data for Extortion

Lapsus$ Hacking Group Allegedly Behind the Uber Security Breach

Brazilian Companies Are Lacking Much Needed Cybersecurity Teams

Leave a Reply

Your email address will not be published. Required fields are marked *