A Thursday night time arrest of a 17-year-old within the UK could have led to the seize of one of many largest video game-related leakers in current historical past.
London police forces confirmed their apprehension of an Oxford suspect a social media channel usually used for police arrest updates, and it clarified the suspect’s age, a imprecise cost of “suspicion of hacking,” and that the investigation was coordinated with the UK’s National Crime Agency (NCA) and particularly its National Cyber Crime Unit.
That cost was adopted hours later by a report from American freelance journalist Matthew Keys alleging that the arrest revolved squarely across the current theft and distribution of unreleased property from the British online game studio Rockstar North. This report cites “sources” to declare that the FBI was concerned on this investigation and that the information seized additionally included parts of a huge Uber-related breach. Keys’ report, as of press time, has not been corroborated by bigger newsrooms in both the US or the UK.
The gaming leak in query was among the many highest profile in current historical past, because it basically contained the world premiere of the extremely anticipated online game Grand Theft Auto VI. Up till this week’s leak, sequence followers had been left with rumors and rumour about its potential setting (a Miami-like metropolis that resembles the sequence’ Vice City) and its protagonists (a “Bonnie and Clyde” pair of protagonists, together with the primary playable lady in a mainline GTA recreation). Both of these rumors had been confirmed by the leak, which Rockstar finally confirmed was reliable and sourced from a 3-year-old model of the sport.
Before Thursday’s arrest, the GTA VI gameplay leaker initially claimed involvement in a current huge breach of Uber’s information, as effectively—and Uber publicly blamed the hacking collective Lapsus$ for that intrusion. Previously, no less than one teenage boy from Oxford had been linked to the hacking efforts of Lapsus$ by a BBC report. UK authorities didn’t verify that report’s veracity on the time, due to privateness guidelines about underage suspects. Thus, whereas the GTA VI leak could possibly be linked to efforts by Lapsus$, that connection stays unconfirmed as of press time.
Ars Technica’s Dan Goodin beforehand reported on Lapsus$’s hacking efforts as they had been chronicled by members on their official Telegram chat channels. Many of the group’s strategies, no less than as publicly revealed, took benefit of vulnerabilities in customary “two-factor” multifactor authentication programs—which often revolve round much less safe backup login choices that an attacker can exploit. The GTA VI leaker beforehand recommended that they gained unauthorized entry to Rockstar’s supply code through accessing the corporate’s Slack chat interface, however as of press time, it is unclear whether or not this too was a matter of “MFA bombing” to trick an worker into unwittingly accepting one thing like a cellphone name immediate.
Should this week’s Oxford arrest be linked to the GTA VI leak, that timeline could be way more accelerated than we noticed in one other memorable European supply code leak. German hacker Axel Gembe finally recounted the story of his apprehension after he breached Valve’s pc programs to obtain the supply code to Half-Life 2. That raid and subsequent arrest passed off roughly eight months after the leak was initially reported.