Episode

101; LAPSUS$

Podcast
Inside Darknet
Published
Jan 3, 2026
Duration seconds
1154
Canonical source
https://podcasters.spotify.com/pod/show/insidedarknet/episodes/101-LAPSUS-e3d4ja9
Audio
https://traffic.megaphone.fm/APO5724218096.mp3

Summary

An exclusive interview with a reformed member of the LAPSUS$ hacking group reveals how a decentralized network of young hackers breached giants like Nvidia and Microsoft. The discussion explores the group's evolution from a high-profile extortion unit to a resilient, fragmented collective.

Topics

  • LAPSUS$
  • Cybersecurity
  • Social Engineering
  • Data Breaches
  • Darknet
  • SIM-swapping
  • Information Security
  • Hacking Groups

Highlights

  • Main idea: LAPSUS$ utilized aggressive social engineering and SIM-swapping rather than complex technical exploits to breach major corporations
  • Failure mode: High-profile visibility and 'loud' bragging on Telegram directly led to the arrests of key members by Scotland Yard
  • Practical takeaway: Even the most robust technical defenses are vulnerable to human-centric attacks like helpdesk impersonation and credential theft
  • Main idea: The hacking ecosystem functions like a 'Hydra,' where the arrest of primary members leads to the formation of new, decentralized cells
  • Failure mode: Poor operational security (OPSEC) and the pursuit of fame over stealth are the primary drivers of law enforcement detection

Chapters

  1. 1:00 The Rise of a Teen Prodigy: The origins of Aaron Kurtasch, a 17-year-old in Oxford who helped orchestrate some of the most spectacular hacks in recent history.
  2. 5:10 The Ubisoft Breach: An analysis of the massive disruption caused when LAPSUS$ compromised Ubisoft, forcing server shutdowns and impacting player economies.
  3. 8:00 Social Engineering Tactics: A breakdown of how the group bypassed MFA using SIM-swapping and impersonating IT staff to gain unauthorized access.
  4. 9:20 Targeting the Giants: The rapid-fire sequence of breaches involving Microsoft, Nvidia, Okta, and Samsung within a single three-month window.
  5. 10:40 The Fall and the Hydra Effect: The aftermath of the 2022 arrests and how the group reorganized into new entities like Scattered Spider.
  6. 13:30 Interview: The Reformed Hacker: A direct conversation with a member of the group regarding their motivations, access levels, and the reality of the darknet.
  7. 17:40 The Future of Cyber Warfare: Reflections on law enforcement cooperation, the importance of OPSEC, and the inevitable vulnerability of all digital systems.