Microsoft confirms that Lapsus $ hacking group stole source code

Rate this post
Microsoft rewards Indian cybersecurity analysts for $ 30,000

Earlier this month, Samsung confirmed that the data deletion group Lapsus $ stole the source code of a Galaxy smartphone. Currently, the same cyber hacking group is stealing Microsoft’s Cortana and Bing source code from an internal server. They claim to have accessed partial source code for these platforms, including 37GB worth of data. Let’s take a look at the details.

DataExtortionGroup steals Microsoft source code

Microsoft recently published an official blog post on the Security Forum to confirm the source code theft.Tech giant says that Tracking the activity of the Lapsus $ groupClaims that sensitive data has also been stolen from other companies such as Nvidia and Ubisoft.

In a blog post, Microsoft identified this group as “DEV-0537” and said it stole some of the source code for some products and services such as Bing and Cortana.

The Microsoft Threat Intelligence Center (MTIC) is the main purpose of the group “It often enhances access through stolen credentials, allowing data theft and devastating attacks on targeted organizations and causing extortion.” Team too Emphasized some of the methods Lapsus $ uses to access the target system..

This is of utmost concern for both users and the company, but Microsoft We have confirmed that the stolen data poses no threat to either. He also mentioned that the response team shut down the data extortion process prematurely. Therefore, the hacker did not have access to the entire source code for that product. Lapsus $ says it I was able to get 45% of Bing codes and about 90% of Bing Maps code..

In the future, Microsoft said it will continue to monitor Lapsus $’s activity through the threat intelligence team. The company also emphasized a number of security systems, including powerful multi-factor authentication methods that other companies can implement to keep data secure from such blackmail groups. In addition, it suggests that other vulnerable companies will educate their employees about social engineering attacks and create dedicated processes to handle such attacks.

For more information, check out Microsoft’s blog post and let us know what you have to say about this hack in the comments below.