Hacking Group Lapsus$: Court Finds Teens Carried Out the Attacks

A court has found that an 18-year-old from Oxford took part in a hacking spree.

Arion Kurtaj was part of an international cybercrime group that has attacked big firms like Nvidia, Uber, Rockstar Games and others.

Kurtaj was a Lapsus$ group member responsible for the attacks on Rockstar Games, Uber and Nvidia.

A court heard that Kurtaj had been on bail in a Travelodge hotel. During his stay there, he released clips of Grand Theft Auto 6, the unreleased title from Rockstar Games.

Grand Theft Auto 6 has been in the works for many years and has been kept under the radar by Rockstar for some time.

This leak was extremely shocking and unexpected; however, this was back in September of 2022.

Another member, who, due to his age, cannot be named, was convicted for his involvement in the attacks carried out by the Lapsus$ group.

The Gang

The Lapsus$ group is believed to be based in the UK and, allegedly, Brazil.

The gang is believed to be made up of mostly teens.

They hacked into major firms, gaining access to corporations like Microsoft and Revolut.

During their hacking spree, the group had been celebrating their attacks via Telegram, taunting their victims in English and Portuguese.


The first hacking spree was back in July of 2021.

Kurtaj, alongside associates of Lapsus$, hacked the telecoms and mobile operator companies BT and EE.

They hacked BT’s and EE’s servers and accessed their data, then asked for a $4 million ransom.

The ransom was not paid. However, the court heard that the 17-year-old, with Kurtaj, used details from stolen SIMs to steal just under £100,000 in cryptocurrency.

Both were arrested on the 22nd of January 2022 and then released under investigation.

The second hacking spree was in February of 2022.

Despite their recent arrest, both the 17-year-old and Kurtaj continued to hack with Lapsus$.

They successfully hacked into and gained access to Nvidia.

The duo stole sensitive and valuable information, then leaked it and demanded another ransom. If the ransom was paid, they would stop leaking further information.

The jury was given Telegram group chats of the group. In the messages, the group had asked someone they had hired to call Nvidia’s help desk pretending to be an employee.

This was a ploy to get login details from the firm.

Another attack saw the group spam employee phones with access requests until staff approved.
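For defenders, the pattern described above (a burst of access requests that ends in an approval) is detectable in MFA logs. The following is an added example, not part of the original article: the log format, the 10-minute window and the threshold of 5 are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample MFA push log (format is an assumption):
# timestamp, user, method, result. Lines are assumed to be in time order.
SAMPLE_LOG = """\
2022-02-20T01:10:05Z alice push denied
2022-02-20T01:10:40Z alice push timeout
2022-02-20T01:11:15Z alice push denied
2022-02-20T01:11:50Z alice push timeout
2022-02-20T01:12:30Z alice push denied
2022-02-20T01:13:02Z alice push approved
2022-02-20T09:00:01Z bob push approved
2022-02-20T09:30:00Z carol push denied
2022-02-20T14:00:00Z carol push approved
"""

def parse(line):
    ts, user, _method, result = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, result

def detect_push_fatigue(log_text, window=timedelta(minutes=10), threshold=5):
    """Flag approvals preceded by >= threshold unapproved pushes within the window."""
    recent = defaultdict(deque)  # user -> timestamps of recent denied/timed-out pushes
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, result = parse(line)
        q = recent[user]
        while q and ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if result == "approved":
            if len(q) >= threshold:
                alerts.append({"user": user, "approved_at": ts,
                               "prior_failures": len(q)})
            q.clear()  # an approval ends the current burst
        else:
            q.append(ts)
    return alerts

if __name__ == "__main__":
    for a in detect_push_fatigue(SAMPLE_LOG):
        print(f"ALERT {a['user']}: approval at {a['approved_at']} after "
              f"{a['prior_failures']} unapproved pushes")
```

An alert of this kind is a cue to revoke the resulting session and contact the user out of band; a lone denied push followed hours later by an approval, as in the carol lines, does not trigger it.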

The duo was then arrested again on March 31st, 2022.

Just before Kurtaj’s arrest, his and his family’s contact details were doxed by his hacking rivals.

Alongside contact details were photos and videos of Kurtaj from social media.

Kurtaj was then moved into a Travelodge hotel for his safety and given very strict bail conditions, such as being banned from using the internet.

However, he continued hacking.

After this, Kurtaj was “caught red-handed” by the London police force after they searched his hotel room.

Police found an Amazon Fire Stick in the hotel room TV, which allowed him to connect to cloud services, along with a recently purchased mobile phone, a keyboard and a mouse.

In Kurtaj’s final attack, against Rockstar Games, he posted a message on the company’s Slack messaging service that said, “I am not a Rockstar employee, I am an attacker.”

He said that he had downloaded all the data for their new title, Grand Theft Auto 6.

He added that “if Rockstar does not contact me on Telegram within 24 hours I will start releasing the source code”.

During this time, 90 videos of unfinished gameplay for this new game were put out onto a fan forum.

Kurtaj was then arrested again.

After gaining access to a company’s network, they would often leave messages on Slack or Microsoft Teams after they tried to blackmail the staff.

This hacking spree provoked the US cyber authorities to conduct a major review.

The report said the group “made clear just how easy it was for its members (juveniles, in some instances) to infiltrate well-defended organisations”.

It’s thought that other members of Lapsus$ are still out there.

Last October, Brazilian police arrested someone believed to have hacked multiple Brazilian and Portuguese companies and other public bodies with the group.

The exact amount of money Lapsus$ has made from its attacks is currently unknown.

No companies have admitted to paying the hackers, and the 17-year-old has refused to give police access to his crypto wallet.
