Lapsus$ claims that it was able to hack Microsoft. The alleged documents were later leaked on the group's Telegram account.
Lapsus$ Claims to Hack Microsoft
Cyber hacking group Lapsus$ claims to have successfully breached Microsoft's systems through their Azure DevOps. Lapsus$ has reportedly acquired data and source code repositories for Bing, Bing Maps, and Cortana.
Microsoft, on the other hand, is also conducting an investigation to prove if the reported claims are true. Microsoft is the latest tech company that Lapsus$ attacked. Just recently, the threat actors have successfully breached NVIDIA, Samsung, Vodafone, Ubisoft, and Mercado Libre.
Lapsus$ was able to steal a massive amount of data from Samsung and NVIDIA. This group of threat actors functions a little bit on the contrary since the group does not compromise data or deploy ransomware when it attacks.
The group chooses to attack tech giants and steal their source code and their proprietary data. After illegally acquiring the data, Lapsus$ holds it against the company and ransom them to meet their demands.
Lapsus$ is believed to be a group of threat actors based in South America. At approximately 6:17 p.m. PST on Monday, the threat actor Lapsus$ posted a photo in their Telegram, a messaging account, that they were able to breach inside Microsoft.
On its Telegram channel, LAPSUS$ posted a screenshot of what appeared to be information acquired from an internal developer account for Azure, the company's cloud computing division, which was later deleted.
According to the report of Gizmodo, the screenshot posted on Telegram includes these file names: Bing_UX, Bing-Source, Cortana, mscomdev, microsoft, and msblox.
The allegedly breached data of the group has been deleted, Lapsus$ messaged "Deleted for now will repost later."
However, strangely enough, it can be noticed in the screenshot posted by Lapsus$ that the initials of logged-in user "IS" have been intact and have not been edited. Some suspect that the group left this for Microsoft to identify the identity on where the group was able to breach the data.
Unfortunately, Lapsus$ is a cyber threat group with an impressive track record. Lapsus is a fairly new threat actor in the market, this makes the group extremely popular to the community since they have been able to breach huge tech giants.
Read Also: Anonymous Continues Hacking of Russia, Targets Streaming Services
Lapsus$ Hacking: How Is Microsoft Affected?
According to the report of Bleeping Computer, leaking an open source code does not impose an elevated risk for the company.
During the SolarWinds attack on Microsoft, the company provided an explanation of how they operate stating: "At Microsoft, we have an inner source approach - the use of open source software development best practices and open source-like culture - to making source code viewable within Microsoft."
Microsoft clarified further, "This means we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code. So viewing source code isn't tied to elevation of risk."
Lapsus$ Hacking NVIDIA, Samsung, and Ubisoft
Lapsus$ first gained popularity after hacking a massive 1TB of data from NVIDIA. The breach happened on Feb. 23, just one day after Russia declared specialized military operations to Ukraine. Some say the two events are connected, but Lapsusmce_markernbsp; denied involvement in the geopolitical turmoil in Eastern Europe.
Lapsus$ stated that they are hacking the GU company because they "decided to help mining and gaming community."
Samsung was hacked by Lapsus$ after NVIDIA. The threat actors were able to collect 190 GB worth of data from the company and uploaded it for free in Torrent.
The French gaming company Ubisoft also experienced a data breach from Lapsus$.
Related Article: Lapsus$ Hacking: Ubisoft Becomes the Next Target After NVIDIA and Samsung