Uptime Hamster: 15d 16h 35mDeploy: 14 Jul 2026 21:26Updated: 2026-07-14
Logo del actor de amenaza Lapsus$

Lapsus$

0 incidentes 0 paises 0 sectores ransomware GB Ultimo: -
Aliases: Strawberry Tempest, Slippy Spider, DEV-0537, G1004
Ver en IntelTracker → APTTrail →
Lapsus$ is a financially motivated, international cyber extortion group that first emerged in December 2021 with an attack on Brazil's Ministry of Health. The group is distinct for its operational model that primarily relies on stealing data and then threatening public leaks via their Telegram channel, rather than deploying ransomware for encryption. Unlike many traditional groups, Lapsus$ is known for its heavy use of social engineering, including phone-based attacks and SIM swapping, and actively recruits insiders for initial access, often boasting about its breaches and even polling followers on which organizations to target next. While primarily associated with Brazil and the United Kingdom, where several members have been arrested, the group operates multinationally. Lapsus$ has been tracked by various entities under aliases such as DEV-0537 and Strawberry Tempest by Microsoft, Slippy Spider by CrowdStrike, and G1004 by MITRE. In late 2025, members of Lapsus$ were noted to be part

Aliases del actor

Strawberry TempestSlippy SpiderDEV-0537G1004

Actores similares

Scattered Spideractor · 2Indrik Spideractor · 1doppel-spideractor · 1salty-spideractor · 1brain-spideractor · 1skeleton-spideractor · 1bamboo-spideractor · 1andromeda-spideractor · 1cobalt-spideractor · 1boson-spideractor · 1

Canales, DLS e infraestructura asociada

Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.

TipoEstadoHost / enlaceTitle / ultimo titulo
DLS / leak siteunknownattack.mitre.orgScattered Lapsus$ Hunters
DLS / leak siteunknownwww.darktrace.comScattered Lapsus$ Hunters
DLS / leak siteunknownransomware.anggipradana.comRansomware Victim: GITHUB INTERNAL (lapsus$)
DLS / leak siteunknownanonfilesnew.comRansomware Victim: INGKA GROUP (lapsus$)
Malware asociado
Mimikatz
Tecnicas MITRE
T1213.005, T1199, T1656, T1552.008, T1114.003, T1588.002
Tipo
ransomware
Pais origen
GB
Motivacion
-
Impacto
105
Actualizado
Sat, 20 Ju

Paises objetivo (SOCRadar)

United Arab EmiratesArgentinaAustriaAustraliaBelgiumBrazilCanadaSwitzerlandChileChina

Sectores objetivo (SOCRadar)

Construction of BuildingsOther Information ServicesSoftware PublishersHospitalsAccommodationAir TransportationManufacturingConstructionElectrical Equipment, Appliance, and Component ManufacturingPublic Administration