LAPSUS$ Hacking Group stole Source Code of Microsoft Bing & Cortana

Listen to this article

Microsoft has confirmed the attack in a post and pointed out that it happened when Lapsus$ compromised one of its employees’ accounts. The blog post said the observed activities didn’t find involvement of any customer’s code or data.

The investigators of Microsoft have discovered a single account was discredited after allowing limited access. The cybersecurity response teams were rapidly involved to secure the compromised account and stopped more critical damage.

Microsoft then provided more details about the planning from cybersecurity teams and mechanisms to prevent similar threat elements. The same hacking group (LAPSUS$) earlier targeted many tech giants including Samsung, Nvidia, LG, Okta, and now Microsoft.

LAPSUS$ stole the source code of Bing & Cortana

It is noteworthy that hackers used ‘LAPSUS$’ to get access to 15,000 companies around the world such as T-Mobile, Sonos, and Peloton. The hacking group has reportedly theft the source code in the Microsoft attempt. The source code for Bing browser, Microsoft mapping system, and Cortana assistant was also stolen.

However, El Chapuzas Informatic pointed out that the group has accepted for just managing to gain 90% code of Bing Maps. But they were able to obtain around 45% of the code for Bing and 45% for Cortana. LG’s employee’s service accounts were also compromised with a dump of all hashes.

LG also announced that the company will release its infrastructure concurrence very soon. The hacking group challenged in the official chat announcement that considering a new CSIRT team might be a good idea. Moreover, Okta also provided screenshots as proof and said the company definitely believes LAPSUS$ is credible.

Nvidia and Okta experienced Security Threats

The company said the hacking group is causing trouble for one of the leading authentication companies in the world. They are attempting thousands of companies, government agencies, and universities around the world. An Okta official said the company believes shared screenshots online are linked to this January hacking incident.

The official said the investigation didn’t find any evidence of ongoing malicious activities as it discovered in January. Moreover, thousands of companies and a plethora of customers are now on high alert. This is the same hacking group that besieged Samsung and exposed 190GB of sensitive information.

The recent attack generated more shockwaves for Nvidia as the hacking group threatened to expose a bypass of hash rate limiters. The stolen data from most of the attacks were utilized for hiding the malware as GPU drivers. The group of hackers threatened to leak the source code for Cortana, Bing, and other stolen projects of Microsoft.

Lapsus$ stole Azure DevOps Server

The Lapsus$ group posted a screenshot to its Telegram channel early Sunday morning. The group said they have stolen the Azure DevOps server of Microsoft keeping source code for Bing, Cortana, and other projects.

It is important that Lapsus$ posted a thread for a 9GB 7zip archive. It contains the source code of more than 250 projects of Microsoft. The group said it obtained 90% of the source coded for Bing and around 45% for Cortana and Bing Maps.

However, the company said only some of the source code was exposed. Security experts have investigated the leaked files and said they have found a compromised internal source code of Microsoft. Meanwhile, the investigations have indicated that some of the leaked projects carry emails and documentation. The engineers of Microsoft internally use these files to publish mobile apps.