Lapsus$ Hacks into Microsoft Codes, How Serious is it?

    Lapsus$, the hacking group has hacked into Microsoft. The software giant confirmed on Tuesday that the hacking group, referred to as DEV-0537, compromised “a single account” and stole sections of source code for some products.

    In a blog post on its security site, Microsoft after investigation said investigators had been tracking Lapsus$ for weeks. The post also provides details about some methods they group used to compromise victims’ systems.

    Lapsus$, the hacking group that had earlier claimed to have hacked Samsung, Nvidia, and several others, claimed this week that it had also hacked Microsoft. Posting a file in an archive that had 37GB data, the group claimed that it contained partial source codes for Bing and Cortana. Lapsus$ claimed it only got around 45% of the code for Cortana and Bing and around 90% for Bing Maps.

    Lapsus$ Hack Threat Not Serious Enough – Microsoft

    The Microsoft Threat Intelligence Center (MSTIC) said the DEV-0537 actors’ objective was to gain elevated access through stolen credentials, enabling data theft and destructive attacks against a targeted organisation that often resulted in extortion.

    “Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction,” MSTIC said.

    Microsoft, however, said the leaked code was not severe enough to cause any risk elevation and that response teams shut them down mid-operation.

    In the blog post, Microsoft also outlined the steps other organisations can take to improve security, including requiring multifactor authentication, not using weaker multifactor authentication methods such as secondary email or text messages, educating team members about potential social engineering attacks, and creating processes for responses to Lapsus$ attacks.

    Microsoft said it would keep tracking Lapsus$ and keep an eye on any attacks it carries out on customers.


    Latest Updates

    Related Articles

    2023 WHO Report Flags Climate Change as Escalating Threat to Malaria Control Efforts

    The Annual 2023 WHO Report on Malaria that has been released now has put...

    COP28: Tedros Urges Swift Climate Action, Malaria Response Investment

    COP28: The 2023 World Malaria Report has sounded a resounding alarm, confirming that the...

    New WhatsApp ‘Secret Code’ Gives Your Chats 3 Powerful Armoury

    A New WhatsApp 'Secret Code' has been released to further fortify user privacy and...

    Can BCCI Leave Behind Rohit Sharma, Find a New Captain for SA Tour?

    Rohit Sharma has put BCCI in a tricky spot. The upcoming South Africa tour...