216.73.216.233

LAPSUS$

· Published 16/12/2025 19:39 · Modified 27/03/2026 01:13 · Source: The MITRE Corporation

Essential information

Confidence
100/100
Published
16/12/2025 19:39
Modified
27/03/2026 01:13
Updated at
27/03/2026 01:13
Revoked
No
Author / Source
The MITRE Corporation
Resource level
Primary motivation
Related entities
45 attack patterns (mitre), 1 tool

Aliases

DEV-0537 Strawberry Tempest

Description

[LAPSUS$](https://attack.mitre.org/groups/G1004) is cyber criminal threat group that has been active since at least mid-2021. [LAPSUS$](https://attack.mitre.org/groups/G1004) specializes in large-scale social engineering and extortion operations, including destructive attacks without the use of ransomware. The group has targeted organizations globally, including in the government, manufacturing, higher education, energy, healthcare, technology, telecommunications, and media sectors.(Citation: BBC LAPSUS Apr 2022)(Citation: MSTIC DEV-0537 Mar 2022)(Citation: UNIT 42 LAPSUS Mar 2022)

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.