Microsoft confirms hacker group Lapsus$ had access to source code

Microsoft has responded to Hacker group Lapsus$’s earlier claim that it stole source code from Bing and Cortana. The company confirms that the group had access to source code and that a single account had been compromised.

Microsoft writes on its security blog that DEV-0537, better known as Lapsus$, this week claimed that Microsoft had accessed and stolen parts of its source code. The company states that there was no question of customer code or data that was stolen or viewed. Based on investigation, Microsoft claims that a single account was compromised. Microsoft says it responded quickly to prevent further activity, but the company acknowledges that the group had access to source code: “Microsoft does not rely on code secrecy as a security measure and viewing source code does not increase the risk” .

Lapsus$ is known for “using pure extortion and a destruction model without applying ransomware payloads,” according to Microsoft. According to the company, the group began targeting targets in the United Kingdom and South America, but later expanded its scope worldwide, including government agencies and organizations in sectors such as technology, media and health. In addition, DEV-0537 is also more likely to hack individual user accounts at crypto exchanges to get their hands on their cryptocurrency assets.

According to Microsoft, DEV-0537 is different from other groups in that it doesn’t stay under the radar and doesn’t appear to be covering their tracks. For example, the company says the group sometimes announces their attacks on social media or reveals their intentions when they buy credentials from employees of target organizations. In addition, they sometimes use tactics less commonly used by other groups, such as SIM swapping, paying employees and suppliers, and accessing the personal email accounts of employees of targeted companies.

Lapsus$ previously claimed that it has stolen 37GB of data. The data would come from an internal Azure DevOps server at Microsoft. The group claims it has acquired about 45 percent of the code for Bing and Cortana and about 90 percent of the code for Bing Maps. The hacker group also claimed earlier this week that it would have hacked Okta. The authentication platform confirmed that it had been affected by ransomware. Okta takes care of the security of other companies. Previously, Nvidia and Samsung were victims of the group.