Lapsus$ hacker member Arion Kurtaj, a key suspect in the Grande Theft Auto (GTA) VI leak, has been sentenced to life in a secured hospital.
On Thursday, a British judge ruled that the 18-year-old individual is a significant threat to the public as he remains intent on perpetrating cybercrimes.
In August, a London jury identified Kurtaj to be responsible for the hacks on Rockstar Games, the developer of the GTA franchise, and other well-known firms, including Uber and Nvidia.
However, due to Kurtaj’s autism and being deemed unfit for trial, the jury focused on whether he carried out the attacks being discussed instead of determining if he committed the acts with criminal intent.
The court received information that Kurtaj had displayed violence while detained, with several reports of injury and damage to property. A mental health assessment also found that he has plans to return to cybercrime immediately.
Kurtaj was sentenced to life in a hospital prison unless doctors deemed him no longer a public risk. He is set to undergo periodic risk evaluations.
Kurtaj stole and leaked the 90 videos involving GTA VI’s gameplay in September while he was on bail for hacking Nvidia and BT/EE and under police protection at a Travelodge hotel.
While his laptop was confiscated, Kurtaj was still able to attack Rockstar Games with the room’s Amazon Fire Stick and TV, a newly bought mobile phone, keyboard, and mouse. Kurtaj was taken into police custody for the last time after the incident.
Meanwhile, an unnamed 17-year-old also linked to Lapsus$ received an 18-month Youth Rehabilitation Order and a prohibition from using virtual private networks (VPNs).
GTA VI’s official trailer, released this month, has gained hundreds of millions of views despite Kurtaj’s leaks and early reveal on X.
During the 18-year-old’s sentencing, his defense team requested the judge to consider the trailer’s success. However, the judge pointed out that actual harm was caused to companies and people, stating that Rockstar Games spent $5 million to recover from the incident.
Lapsus$ is a Serious Threat to the Cyber Security World
Kurtaj and the 17-year-old were the first Lapsus$ hackers to be convicted, but other members are believed to remain on the loose.
The group’s bold assaults in 2021 and 2022 caught the global cybersecurity community off guard. In court, the Lapsus$ hackers from the UK, and allegedly Brazil, were deemed “digital bandits.”
Believed to primarily consist of teenagers and juveniles in some cases, Lapsus$ utilized con-man-like methods and computer hacking to illegally access major corporations like Microsoft and the digital banking firm Revolut.
Throughout their crime spree, the hackers often publicly announce their crimes and provoke victims on the Telegram app in English and Portuguese.
That led US cyber authorities to release an extensive report on Lapsus$ and similar teen hacker groups.
The report determined that Lapsus$ demonstrated how easy it is for their members to break into highly-protected companies.
The financial gains generated by Lapsus$ from its cybercrimes have yet to be determined. No firms have openly stated paying the hackers, while the group withheld passwords to the crypto wallets they have stolen.
