Sunday, October 2, 2022
HomeGlobalAlert for a new cyber threat in Nuevo León

Alert for a new cyber threat in Nuevo León

Cyber ​​threats and attacks do not stop, and now LAPSUS$, a group focused on cyber extortion with the sole objective of obtaining money, is “visiting” companies and people in Nuevo León (NL).

According to the firm Metabase Q, the way this group acts is not traditional, since most of the cybercriminal groups dedicated to cyberextortion use ransomware, but LAPSUS$ focuses on using a combination of stolen credentials, SIM swapping and Social engineering to gain access to sensitive files.

And this situation of stolen credentials, indicated Metabase Q, has occurred in the states of NL, Veracruz, Hidalgo, Sinaloa, Querétaro and Mexico City.

He even pointed out that it was recently learned that LAPSUS$ works with Redline Stealer, a malware observed in Latin America and that has mainly affected users in Mexico.

According to Mauricio Benavides, founder and general director of Metabase Q, the kidnapping of information from people and companies—better known as ransomware—is the cyberfraud that has intensified the most in 2021, with an increase of 400 percent, being small and medium-sized enterprises (SMEs) the most affected sector.

He explained that this type of crime happens when hackers steal the information of a company or a person through a virus, which gives access to all systems, and in order to release it they ask for a sum of money, normally, in transactions through cryptocurrencies.

In this regard, they recently reported to EL FINANCIERO the case of a cyberattack on a small construction company in Monterrey by foreign hackers, in the first week of April.

“They left blank the content of their computers, all information related to bank accounts, quotes, tenders, photographs, accounting information and historical purchases required by the SAT, financial and banking files., Everything!” said the person who He heard about the case but requested anonymity.

He added that the hackers, with an accent from another Latin country, asked the owner for a payment of 150 thousand dollars in Bitcoin coins to recover all the information, an amount that the businessman refused to deliver.

Regarding this situation, Roberto Macías, president of the Mexican Chamber of the Construction Industry of Nuevo León, said that to date he has no information that any of its members have been victims of a cyberattack; however, they will speak with the appropriate authority to discuss measures they can take to protect their businesses.

Metabase Q predicted that LAPSUS$ will continue its expansion in Mexican territory, since the malware has been effective in collecting various data, giving the ability to have initial access to an organization through legitimate credentials obtained by the virus.

Recent posts