The arrest Thursday night of a 17-year-old in the UK may have led to the arrest of one of the biggest video game leakers in recent history.
London police confirmed the arrest of a suspect in Oxford channel on social networks was regularly used to update police on arrests and it clarified the suspect’s age, the vague charge of “suspected burglary” and that the investigation was being coordinated with the UK’s National Crime Agency (NCA) and in particular its National on combating cybercrime.
This accusation was followed a few hours later report by American freelance journalist Matthew Keyes claiming that the arrest revolved around the recent theft and distribution of unreleased assets from British video game studio Rockstar North. That report cites “sources” who say the FBI was involved in that investigation and that the data seized also included part of the massive Uber-related breach. Keyes’s report had not been confirmed by major news outlets in either the US or the UK at the time of publication.
The game leak in question was one of the most high-profile in recent history, as it essentially contained the world premiere of the highly anticipated video game Grand Theft Auto VI. Until this week’s leak, fans of the series had been rife with rumors and rumors about its potential setting (a Miami-like city reminiscent of the series’ Vice City) and its characters (the Bonnie and Clyde character couple, including the first playable a woman in the highway GTA game). Both of these rumors were confirmed by a leak that Rockstar eventually confirmed was legitimate and came from a 3-year-old version of the game.
Before the arrest on Thursday GTA VI The gameplay leak originally claimed to be involved with the recent massive Uber data breachand also—and Uber has publicly accused the hacking collective Lapsus$ for that invasion. At least one Oxford teenager has previously been linked to Lapsus$’s hacking efforts a BBC report. UK authorities did not confirm the truth of the report at the time due to privacy rules for underage suspects. So while GTA VI the leak may be related to the efforts of Lapsus$, this connection remains unconfirmed at the time of publication.
This was previously reported by Dan Goodin of Ars Technica Lapsus$’s hacking efforts described by members in their official Telegram chat channels. Many of the group’s methods, at least as publicly disclosed, exploited vulnerabilities in standard “two-factor” multi-factor authentication systems — which typically revolve around less secure backup login options that an attacker could exploit. The GTA VI The leak previously suggested that they gained unauthorized access to Rockstar’s source code by accessing the company’s Slack chat interface, but at the time of publication it was unclear whether this was also a “MFA bombing” to force an employee to unwittingly accept something like a phone tip on a call.
Should this week’s arrest in Oxford be attributed to GTA VI leak, this timeline would be much more accelerated than we’ve seen in another memorable European source code leak. German hacker Axel Gembe finally told the story of his detention after he hacked into Valve’s computer systems to download the source code Half-Life 2. That raid and the subsequent arrest happened about eight months later the leak was initially reported.