TECH INFOS – Microsoft confirmed they became the newest cyber attack victims; however, they claim that customer data was not involved.
Microsoft today confirmed it had been the victim of a cyber attack by the extortion group called DEV-0537, also known on social media as LAPSUS$, shortly after claiming responsibility for the theft of partial source code for Bing and Cortana. Redmond acted quickly and assured in a statement that customer data was not involved in this action.
“This week, [LAPSUS$] claimed to have gained access to Microsoft and extracted portions of the source code. No customer data or code was involved in the observed activities. Our investigation has found that a single account was compromised, granting limited access,” the tech giant’s cybersecurity team detailed, saying they were able to stop the crisis early.
Meanwhile, LAPSUS$ claimed on Telegram last weekend to have gained access to 90% of Bing Maps code and about 45% of Bing and Cortana code. He did so by sharing a torrent with a compressed size of 9 GB.
The US corporation’s Microsoft Threat Intelligence Center explains that LAPSUS$ seeks to gain access through stolen credentials capable of enabling data theft and destructive attacks against a targeted organisation, often resulting in extortion. “The tactics and targets indicate that this is a cybercriminal group motivated by theft and destruction.”
The name LAPSUS$ is already known in networks. As explained in Xataka, the cybercriminal group behind the hacks of Nvidia, Samsung and MercadoLibre. Now they have stumbled upon Microsoft, which indicates that other big corporations aren’t safe either.