LAPSUS$ attacks again. The hacker group appears to have returned with a new high-profile hack, as it allegedly gained access to Microsoft servers. According to a screenshot posted on their Telegram channel, the hackers might have in their possession the source code of services such as Bing and Cortana. If confirmed, Microsoft would become a new victim after the recent cyberattacks on NVIDIA, Samsung, and Mercado Libre.
According to Motherboard, Microsoft is already aware of the LAPSUS$ allegations and is investigating. In any case, the extent of this apparent security flaw is unknown. A striking point is that the authors of the hack themselves deleted the screenshot they had shared with their followers, although they promised to be back soon with more news.
Although the image was deleted from Telegram, several copies of it have gone viral on social media. It shows multiple directories in Azure DevOps, a product provided by Microsoft so that developers can collaborate on different projects.
One of the folders that appears in the image shared by LAPSUS$ is called bing-source, and its description is quite eloquent: “The central project to store all Bing source code”. Another is named Cortana, and its description reads: “Cortana’s main project. Eventually, all Cortana-related code and work should be managed through this project.”
These are certainly not the only folders visible in the screenshot shared by the hackers. Other containers related to the Microsoft search engine can also be seen, covering the front end and user experience. Without a doubt, if the leak from Redmond’s servers is confirmed, the hackers could have gotten their hands on a very valuable amount of information.
Microsoft would be the new victim of LAPSUS$
As for the reason LAPSUS$ removed the screenshot of the information allegedly stolen from Microsoft, speculation began on social media that the hacker team had revealed more information than intended. In the upper right corner of the screen you can see the initials “EAST”, which would match the user account used to enter Azure DevOps and leak the data.
This fuels the possibility that the group used stolen credentials to access the information, or that it received inside help. According to VICE, earlier this month the group of cybercriminals published a recruitment message, looking for employees of large companies who would like to collaborate with the cause.
As of this writing, the group has given no further indication of what it intends to do with the data apparently stolen from Microsoft. Recall that LAPSUS$ has gained notoriety in recent weeks after hacking NVIDIA and threatening to release approximately 1TB of data if its demands were not met; what was being asked of the company was that it release its GPU drivers for cryptocurrency mining.
Samsung was another target of the hacker group. The South Korean company said it suffered a breach that caused the leak of part of the source code of its Galaxy phones; however, it indicated that no user data was involved in this event. A few hours later, Mercado Libre confirmed that it had been the victim of unauthorized access that led to the theft of information, including data from 300,000 users.
In the case of Microsoft, LAPSUS$ has not yet issued a threat. We will be watching to see whether more news emerges in the next few hours.