The group suffers from poor operational security, according to two of the investigators, which allows cybersecurity companies to gain intimate knowledge of teenage hackers.
“Unlike most activity groups that remain under the radar, DEV-0537 doesn’t appear to be covering its tracks,” Microsoft said in a blog post. “They go so far as to announce their attacks on social networks or publicize their intention to buy employee credentials from target organizations. DEV-0537 began targeting organizations in the UK and South America, but has expanded to global targets, including organizations in the government, technology, telecommunications, media, retail and healthcare sectors.”
The teenage hacker’s personal information in England, including his address and information about his parents, was posted online by rival hackers.
A journalist from Bloomberg, who interviewed a woman who identified herself as the child’s mother. For about 10 minutes they talked through an intercom system with a buzzer. The house was described as “a modest terraced house on a quiet side street”.
The woman said she was not aware of the allegations against her son or the leaked materials. He said he was upset that videos and photos of his home and the home of the teen’s father were included. The mother said the teen lives at that address and had been harassed by others, but many of the other leaked details could not be confirmed by the outlet.
They say he refused to discuss his son in any way or make him available for an interview, saying the issue was a law enforcement matter and that he was contacting police.