
Lapsus$ group claims to have hijacked source code: Microsoft Investigating

After the attack on the South Korean electronics manufacturer Samsung, the extortion group Lapsus$ now claims to have gained access to Microsoft. The hackers reported that they had multiple DevOps accounts under their control and thus had access to important data sources. Nvidia, Ubisoft, and Vodafone have also fallen victim to the Lapsus$ group in the recent past. Microsoft would be the next company affected, but the extent of the hack is not yet known. Microsoft has already confirmed that it is taking the reports of alleged data access very seriously and that investigations have been launched.


Lapsus$ initially reported in forums on Sunday that Microsoft’s source code repositories had been hacked. Reports appeared on Telegram and Reddit, among others. However, these reports were removed again, with a statement that a “re-post” would follow once the group was ready to provide details of the captured data. In a since-retracted screenshot, the group claims to have the source code for Cortana and several Bing projects called “Bing_STC-SV”, “Bing_Test_Agile”, and “Bing_UX”. The repositories concerned are the software company’s internal Azure DevOps source code repositories. The group is said to have penetrated them and stolen data. So far, such attacks have always resulted in Lapsus$ sending the affected company a ransom demand for millions of dollars while simultaneously making parts of the data public to confirm that it has them. Bleeping Computer has already done some research into possible problems arising from a source code leak.

On the security front, Microsoft said it believes that viewing the source code does not pose an increased risk. This is also because the company pursues a so-called “inner source” approach: it applies open-source development practices and an open-source-like culture internally, making source code visible within Microsoft. “This means that we don’t rely on source code secrecy to protect our products, and our threat models assume that attackers are aware of the source code,” Microsoft explains in a blog post about the SolarWinds attackers’ earlier access to its source code.