The hacking group Lapsus$ has hacked into Microsoft. The software giant confirmed on Tuesday that the hacking group, referred to as DEV-0537, compromised “a single account” and stole sections of source code for some products.
In a blog post on its security site, Microsoft said after an investigation that investigators had been tracking Lapsus$ for weeks. The post also provides details about some of the methods the group used to compromise victims’ systems.
Lapsus$, the hacking group that had earlier claimed to have hacked Samsung, Nvidia, and several others, claimed this week that it had also hacked Microsoft. Posting a file in an archive that held 37GB of data, the group claimed that it contained partial source code for Bing and Cortana. Lapsus$ claimed it only got around 45% of the code for Cortana and Bing and around 90% for Bing Maps.
Lapsus$ Hack Threat Not Serious Enough – Microsoft
The Microsoft Threat Intelligence Center (MSTIC) said the DEV-0537 actors’ objective was to gain elevated access through stolen credentials, enabling data theft and destructive attacks against a targeted organisation, often resulting in extortion.
“Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction,” MSTIC said.
Microsoft, however, said the code leak was not severe enough to cause any elevation of risk and that response teams shut the attackers down mid-operation.
In the blog post, Microsoft also outlined the steps other organisations can take to improve security, including requiring multifactor authentication, not using weaker multifactor authentication methods such as secondary email or text messages, educating team members about potential social engineering attacks, and creating processes for responses to Lapsus$ attacks.
Microsoft said it would keep tracking Lapsus$ and keep an eye on any attacks it carries out on customers.