Lapsus$ hacks Microsoft Source Code

Lapsus is a hacker group that has hacked Nvidia, Samsung, and Microsoft. The hacking group posted a file that contains partial source code for Bing and Cortana in an archive holding nearly 37GB of data.

Microsoft confirmed that DEV-0537 compromised “a single account” and stole parts of source code for some of its products. Microsoft investigators have been tracking the hackers’ group for weeks and detail some of the methods they’ve used to compromise victims’ systems.

Microsoft Threat Intelligence Center added that the objective of DEV-0537 actors is to increase elevated access through stolen credentials. That enables data theft and destructive attacks against a targeted organization, often resulting in extortion. Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction.The company also maintains that the leaked code is not severe enough to cause an elevation of risk, and that its response teams shut down the hackers mid-operation. The hackers team has been on a tear recently if its claims are to be believed.

The group says it’s had access to data from Okta, Samsung, and Ubisoft, Nvidia and Microsoft. The companies like Samsung and Nvidia have admitted their data was stolen, Okta pushed back against the group’s claims that it has access to its authentication service. The Okta service has not been breached and remains fully operational.