New evidence suggests that The Microsoft LAPSUS$ Hack Really Happened. In the past few hours, the hacker group leaked around 37GB of files that were allegedly stolen from the Redmond company’s servers. among the same some Bing and Cortana source code would be includedamong other services.
As published BeepComputerMonday night, hackers released a 9GB 7Zip file allegedly containing more than 250 Microsoft projects. Those who have had access to it say that once unzipped, you have access to the nearly 40 GB of data mentioned at the beginning of this article.
According to the analysis carried out by various cybersecurity specialists, the information published seems legitimate. In fact, it is mentioned that the leak not only includes what is apparently 90% of Bing’s source code and around 45% of Cortana and Bing Maps; it would also include internal documentation and emails regarding engineers at the Redmond company.
An important point to note is that, regardless of the significance of the leaked data itself, nothing related to Microsoft desktop software would have been compromised. This means that between files nothing related to the source code of products such as Windows or Office is found.
Information published by LAPSUS$ would be limited to projects related to mobile applications, websites and other web infrastructure. In any case, it is not known if the group of hackers could have compromised more information of the company led by Satya Nadella.
Microsoft, one of the latest victims of the LAPSUS$
The first signs of an alleged Microsoft hack appeared over the weekend. Yesterday we told you that LAPSUS$ shared a screenshot which apparently showed that had obtained access to Azure DevOps, a service that allows developers to collaborate on different programming projects. The image showed folders related to Bing and Cortana source code, which suggested the information leak was imminent.
However, what really caught our attention was that the hacker group itself decided to remove the screenshot in question. This did not prevent the image from being reproduced on social networks, but it began to arouse suspicion; in fact, many have speculated that the hackers may have revealed more than they bargained for. It is that the initials of the user account supposedly used to access the files remained visible in the image. And so the speculations began in relation to a supposed internal collaboration for the extraction of the data.
For all this, LAPSUS$ had made no mention of any particular request that Microsoft must comply with in order to avoid the leak. Still, the Redmondians were quick to acknowledge that were aware of the cybercriminals’ allegations and that they were investigating the fact.
For now, it remains to be seen if the hackers have anything else up their sleeves for future leaks, or if that 37GB of data is all they stole from Microsoft.
Okta would also have been hacked
Right now, LAPSUS$ isn’t exclusively focused on what’s apparently stolen from Microsoft. Hackers also claim have accessed Okta serversa company that provides authentication services to over 15,000 businesses and organizations worldwide.
On Telegram, the group of hackers claims to have had superuser and administrator access to Okta systems “for two months”. And although they claim not to have stolen or accessed any corporate databases, they have warned that their focus will be on their customers.
As reported from Okta at Reutersthe apparent infringe it is believed to be an incident that occurred earlier in the year but was reportedly brought under control. “Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January,” he said.
The edge mentions that the possible hacking of LAPSUS$ to Okta could have serious consequences for the American business environment. This report mentions that the company offers its authentication service to companies such as T-Mobile, Sonos, Cloudflare and Peloton; as well as government agencies such as the Federal Communications Commission (FCC).