The notorious hacker group Lapsus$ was able to steal source code from Microsoft. Microsoft confirmed the successful hacker attack.
Enlarge
Microsoft confirms source code theft by hacker group Lapsus$
© VDB Photos/Shutterstock.com
Microsoft has confirmed that hacker group Lapsus$ managed to steal source code. Microsoft lists this hacker group as “DEV-0537”. With this, Microsoft confirms a
previous claim of the hackers.
They had uploaded a 37 GB archive to a file sharing platform ( see below ). The archive should contain parts of the source code for Bing, Bing Maps and Cortana.
LAPSUS$ extortion group has released source code to Bing, Bing Maps, and Microsoft Cortana.
They state that each release is incomplete (not the entire source code).
— vx-underground (@vxunderground) March 22, 2022
According to Microsoft, the hackers were able to compromise “a single account” of a Microsoft employee with limited access to the source code and steal parts of the source code for some Microsoft products. Microsoft investigators have been following the Lapsus$ group’s activities for weeks. According to the Microsoft Threat Intelligence Center (MSTIC), the goal of attackers is to use stolen credentials to gain enhanced access that enables data theft and destructive attacks that often escalate into extortion.
Microsoft emphasizes that the leaked code does not pose a security risk and that Microsoft has blocked the hackers’ access. Customer data was not affected by the hacker attack.
update end
After Samsung and Nvidia, among others, it seems that Microsoft has now also caught on. According to the US IT security portal Bleeping Computer, the well-known and almost notorious hacker group Lapsus$ claims that it has captured source code from Microsoft. It should be source code from Bing, Cortana and other projects. Lapsus$ claims to have stolen this data from Microsoft’s internal Azure DevOps servers.
The hackers published a screenshot on their Telegram channel on Sunday morning, which is said to show the stolen source code packages on the Azure DevOps servers. Then, Monday night, the hackers uploaded a 9GB 7Zip archive to a file-sharing network. According to Bleeping Computer, this should contain the source code of over 250 Microsoft projects. Lapsus$ claims that the 7Zip archive contains 90 percent of the Bing source code and about 45 percent of the Bing Maps and Cortana code. According to Bleeping Computer, the archive contains 37 GB of Microsoft source code.
No Windows code
Security researchers who looked at the leaked files told Bleepingcomputer that it was apparently genuine Microsoft internal source code. It also aims to include emails and documentation used by Microsoft developers to release mobile applications. The projects seem to be web-based infrastructures, websites or mobile applications. Source code for Microsoft desktop software, primarily Windows, Windows Server and Microsoft Office, is not included in the leak.
Microsoft confirms investigation
Microsoft told Bleepingcomputer that it would investigate the incident. Also to an editor at IT news site The Verge
confirmed
Microsoft that it is investigating the hacker group’s claim.
Microsoft tells me it’s investigating claims the LAPSUS$ ransomware group has gained access to its internal DevOps platform. “We are aware of the claims and are investigating,” says a Microsoft spokesperson https://t.co/znSL7mBcic
— Tom Warren (@tomwarren) March 21, 2022
The key question is still unanswered: How did the hackers get the data? According to Bleepingcomputer, security experts suspect that the hackers paid Microsoft employees to get the data. In line with this, Lapsus$ is specifically looking for employees of large IT companies such as Microsoft, Apple, EA or IBM in order to pay them for information.
Samsung hacked: Explosive data on Galaxy devices leaked
Cybersecurity incident confirmed at Ubisoft
Nvidia data theft: hackers set an ultimatum until Friday – or all data will be leaked