Tech giant Microsoft confirmed the existence of a hack by a group of hackers called Lapsus$.
Hacking group Lapsus$ has previously been known to hack tech companies such as Nvidia and Samsung. As of this week they claimed to have hacked Microsoft.
The Lapsus$ group uploaded a file that it claims contains partial source code for Bing and Cortana in an archive that holds nearly 37GB of data.
On Tuesday (22/3) evening, after conducting an investigation, Microsoft confirmed a group called DEV-0537 compromised ‘one account’ and stole parts of the source code for some of its products.
A blog post on its security site said Microsoft investigators had been tracking the Lapsus$ group for weeks and detailed some of the methods they used to force their way into victims’ systems.
According to the Microsoft Threat Intelligence Center (MSTIC), the goal of DEV-0537 perpetrators is to gain elevated access via stolen credentials, enabling data theft and destructive attacks against targeted organizations.
“Often results in blackmail. Tactics and goals [peretas] shows this is a cybercriminal motivated by theft and vandalism,” reads a post on the Microsoft blog site.
Even though Microsoft claims the leaked code is not severe enough to cause an increased risk, the security team has blocked hackers’ access in the middle of the operation.
Lapsus$ recently claimed to have broken into a number of technology company systems. The group said it had access to data from Okta, Samsung and Ubisoft, as well as Nvidia and now Microsoft.
While companies like Samsung and Nvidia have admitted their data was stolen, Okta dismissed the group’s claims that they had access to the authentication service.
Okta claims that Okta’s services have not been hacked and are still operating as they should.
In a blog post, Microsoft outlines a number of steps a company or organization can take to improve security systems, including requiring multifactor authentication, not using weak authentication such as text messages or secondary email.
Quoted from PC MagMicrosoft also recommends training the team on potential social engineering attacks, and for responding to potential Lapsus$ attacks.
Microsoft also said they will continue to track the Lapsus$ hacking group, to monitor any attacks carried out against Microsoft customers The Verge.
(can/fea)
–