Lapsus$, The Hackers Who Have Stolen Microsoft From Bing And Cortana: The Company Confirms It

0

Lapsus: Last Sunday, the LAPSUS$ cyber-extortion group posted on its Telegram channel a screenshot of what appeared to be an internal Microsoft developer account. The screenshot appeared to be from an Azure DevOps account, a product Microsoft offers that allows developers to collaborate on projects.

The specific projects shown on the screenshot included

“Bing_UX”, which could refer to the user experience of Microsoft’s Bing search engine
“Bing-Source”, indicating access to the source code of the search engine
“Cortana”, the intelligent assistant from Microsoft
“mscomdev”, “microsoft”, and “msblox”, indicating that whoever took the screenshot may have access to other code repositories as well.

But was this true? Lapsus$ has been able not only to successfully cyberattack the IT giant’s infrastructure, but also to steal material from them? A few days ago, Microsoft began an internal investigation to confirm. And today, it has issued a statement acknowledging not only that it has been the victim of a cyberattack, as Lapsus$ claimed, but also that elements of the source code of the Bing search engine and the Cortana assistant -named after the character of the franchise- have been stolen. of Halo games.

Slip$

Who is Lapsus$? This group of hackers has managed to breach several well-known companies recently, but it is not the typical group that only goes after money using ransomware tactics – it hijacks systems and releases them in exchange for money. LAPSUS$ sometimes demands an unusual ransom from its victims, such as asking Nvidia to unlock aspects of its graphics cards to make them more suitable for cryptocurrency mining. So far, the group has not made any public lawsuits against Microsoft.

The curious thing is that this attack against Microsoft has not been exactly surprising, since a month before, Lapsus$ posted a somewhat discreet advertisement on its Telegram channel in which it was looking for employees within companies that were willing to work with them, including Microsoft :

“Recruiting employees/insiders below!!!!” PLEASE NOTE: WE ARE NOT LOOKING FOR DATA, WE ARE LOOKING FOR THE EMPLOYEE TO PROVIDE US A VPN OR CITRIX TO THE NETWORK, or some desktop.”

In the message, Lapsus$ pointed directly at companies like Apple, IBM, and Microsoft, outlining specific ways in which hackers could access the networks of targeted companies with the help of the rogue employee. Since December, the group has breached the Brazilian Ministry of Health, a number of Brazilian and Portuguese companies, and then Nvidia and Samsung in February and March respectively, according to a timeline of LAPSUS$ attacks published by cybersecurity firm Silent Push. . The group also reportedly claimed responsibility for the attack on Ubisoft this month.