SAN FRANCISCO (CBS SF) -- Lurking in the dark corners of the web, a hacker group known as Lapsus$ has targeted some major San Francisco Bay Area tech companies and has become the focus of an international manhunt by the FBI.
On Monday, federal investigation took the rare step of asking for help in unmasking members of the group who hack into computer bases, steal information and then demand a Bitcoin ransom to prevent the data from being posted on the dark web.
Elvis Chan, Asst. Special Agent in Charge, FBI San Francisco, emerged a few months ago. Wired has reported that the group has been rapidly ramping up its attacks, targeting not just US-based companies but also those located in South America, the United Kingdom Europe, and Asia.
Information the hackers take hostage can include intellectual property, software programming like source code, emails, or customer information. The FBI would not say which companies were hit but Tech Crunch, Gizmodo and Wired have all reported that San Francisco-based Okta was among the targets as well as Santa Clara based Nvidia.
Officials with Nvidia, told KPIX that it was aware that employee credentials and some proprietary information had been leaked online back in February, and has hardened its network and notified law enforcement.
Last week, Okta issued an apology on its website for not letting customers know about the hack sooner and wrote that the company had reached out to customers who were affected by the breach that happened back in January.
The apology came after Lapsus$ published screenshots of the breached Okta data on March 21.
When it comes to the ransom demands, the FBI is recommending companies not pay it, calling them a 'sucker bet.'
"The FBI stance is we don't think they should pay it because, A) it's a sucker bet," Chan told KPIX. "Like, even if you pay the ransom a lot of times what happens is they ask for a second ransom and they may still leak the information all over the internet. The second reason is that even if you pay it, you're probably more likely to be hacked in the future and then you're just emboldening the criminals to continue doing their crime spree."
FBI investigators believe the hackers are overseas and not living in the United States.
"We also do not believe any of the hackers are in Russia," Chan said. "We do believe that all of the hackers we're aware of are overseas, and we're trying to work with our international law enforcement partners to figure out exactly where these people are and to bring them to justice."
for more features.