Microsoft may be the latest victim of Lapsus$


The South American-based data extortion hacking group Lapsus$ has allegedly gained access to Microsoft's Azure DevOps source code repositories and stolen data from the company.

Unlike other cybercriminal groups which deploy ransomware on the devices of their victims, Lapsus$ instead prefers to target the source code repositories of large tech companies. After stealing their proprietary data, the group then tries to ransom it back to the companies themselves for millions of dollars.


Although it's still unclear as to whether or not these ransom attempts have paid off yet, Lapsus$ has made a name for itself over the past few months by successfully attacking Nvidia, Samsung, Vodafone, Ubisoft and Mercado Libre.

Now, though, it seems the group has stepped up its efforts by going after Microsoft. According to BleepingComputer, the software giant is currently investigating Lapsus$'s claims that it stole the company's source code.

Internal source code repositories

The Lapsus$ group recently announced that they had hacked Microsoft's Azure DevOps server by posting a screenshot of the company's internal source code repositories on Telegram.

The screenshot itself showed a picture of an Azure DevOps repository that contained the source code for Cortana along with several other Bing projects such as Bing_STC-SV, Bing_Test_Agile and Bing_UK. 

Surprisingly, Lapsus$ didn't obscure the initials “IS” in the screenshot, perhaps as a way to let Microsoft know the identity of the compromised account of one of its employees. However, the initials could also indicate that the group was taunting the software giant as it's done with previous victims including Nvidia.

While Lapsus$ took down their post fairly quickly, it was still up for long enough for security researchers to save it and share it online. Microsoft has yet to confirm if their Azure DevOps account was breached by the group but the company is aware of the group's claims and is currently investigating them.

Unlike with their recent attack on Nvidia, where code-signing certificates obtained by Lapsus$ were used by other cybercriminals to distribute malware, Microsoft's threat model assumes that attackers already understand how its software works. The software giant uses an inner source approach, in which open source software development best practices and an open source-like culture model make source code viewable within the company. As such, Microsoft doesn't rely on the secrecy of source code for the security of its products.

We'll likely hear more from Microsoft regarding the potential breach once the company finishes conducting its investigation into the Lapsus$ group's claims.

Via BleepingComputer

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 
