Lapsus$
0 incidentes
0 paises
0 sectores
ransomware GB Ultimo: -
Aliases: Strawberry Tempest, Slippy Spider, DEV-0537, G1004
Lapsus$ is a financially motivated, international cyber extortion group that first emerged in December 2021 with an attack on Brazil's Ministry of Health. The group is distinct for its operational model that primarily relies on stealing data and then threatening public leaks via their Telegram channel, rather than deploying ransomware for encryption. Unlike many traditional groups, Lapsus$ is known for its heavy use of social engineering, including phone-based attacks and SIM swapping, and actively recruits insiders for initial access, often boasting about its breaches and even polling followers on which organizations to target next. While primarily associated with Brazil and the United Kingdom, where several members have been arrested, the group operates multinationally. Lapsus$ has been tracked by various entities under aliases such as DEV-0537 and Strawberry Tempest by Microsoft, Slippy Spider by CrowdStrike, and G1004 by MITRE. In late 2025, members of Lapsus$ were noted to be part
Canales, DLS e infraestructura asociada
Clasificacion automatica desde IntelTracker/APTTrail/OSINT. Estado real solo si viene indicado por la fuente.
Paises objetivo (SOCRadar)
United Arab Emirates
Argentina
Austria
Australia
Belgium
Brazil
Canada
Switzerland
Chile
China
Sectores objetivo (SOCRadar)
Construction of BuildingsOther Information ServicesSoftware PublishersHospitalsAccommodationAir TransportationManufacturingConstructionElectrical Equipment, Appliance, and Component ManufacturingPublic Administration