A UK court has decided to keep Arion Kurtaj, a member of the cybercrime and extortion gang Lapsus$, in a “secure hospital” indefinitely.
One of the main Lapsus$ threat actors is Kurtaj, an autistic 18-year-old who was involved in the leak of Grand Theft Auto VI-related materials.
Sentenced Indefinitely in a ‘Secure Hospital’
A British judge reportedly handed down an indefinite term in a “secure hospital” to Arion Kurtaj, a member of the Lapsus$ cybercrime organization, as reported by the BBC.
Kurtaj, who resides in Oxford, was an important member of Lapsus$ and leaked footage from Grand Theft Auto VI, an upcoming video game developed by Rockstar Games.
The judge ruled that, due to his cybercrime skills and motivations, Kurtaj was a “high risk” to society. Staying at a secure hospital is necessary until physicians determine he is no longer a danger.
Juxtaposed with the hacker’s cybercrime, the court heard that he had been aggressive while detained, resulting in “dozens of reports of injury or property damage.”
Medical staff had determined that Kurtaj could not stand trial due to his autism, so the question of whether or not he acted intentionally with criminal intent was left to the jury.
According to the BBC, Kurtaj’s mental health evaluation that was part of the sentencing hearing has shown that he is very motivated to “return to cyber-crime as soon as possible.”
At Southwark Crown Court in London, another member of Lapsus$, who is 17 years old and cannot be named for legal reasons, was found guilty after a six-week trial.
The youngster, who remained anonymous, worked with Kurtaj and other gang members to hack into the systems of computer companies like NVIDIA and telecommunications companies like BT/EE.
However, their attempt to demand a ransom of $4 million was unsuccessful. As part of the Youth Rehabilitation Order, the juvenile is required to undergo 18 months of intensive monitoring and is also subject to a “ban on using VPNs online.”
Prosecutors claim that Kurtaj was “caught red handed” in the past trying to evade his bail restrictions when they discovered an Amazon Fire Stick in his hotel room TV.
This stick allowed him to access cloud computing services using his smartphone, keyboard, and mouse. Even though his laptop was confiscated, he managed to carry out the GTA 6 leak in this way.
Arrested not once but twice in 2022 in relation to Lapsus$ hacking activity, Arion Kurtaj was believed to be one of the group’s leaders. The first arrest occurred in January, and the second in March.
Lapsus$: Hacking High-profile Names
Despite the fact that the Lapsus$ gang is supposedly made up of minors, it would be foolish to dismiss their skills or the danger that the group poses to a company’s cyber infrastructure.
In the past, the Lapsus$ cybercrime gang has been implicated in a number of high-profile hacks, including those at Okta, Uber, and the financial technology company Revolut. They also allegedly leaked 37 GB of source code for Bing, Cortana, and other Microsoft projects through an attack on Microsoft’s internal Azure server.
The gang has also made claims of having compromised LG Electronics (LGE) a “second time” in the span of a year. After contacting LG, BleepingComputer was still unable to verify the claim.
Samsung, NVIDIA, and Mercado Libre are among the reputed top firms whose confidential data Lapsus$ has previously disclosed gigabytes of.
In contrast to ransomware operators, data extortion groups like Lapsus$ take and retain victims’ proprietary data, threaten to disclose it if their demands are not satisfied, and access victims’ systems in order to do so.
You may be interested in our other articles about technology if you enjoyed this one: