The company confirms that the Lapsus$ gang was recently able to steal source code. The criminals allegedly broke into a developer’s account.
Earlier this week, an archive of about 37GB appeared on the internet containing source code for Microsoft’s search engine Bing and the smart assistant Cortana. With the upload, the Lapsus$ gang, who previously also broke into Nvidia and Samsung, claimed that they had hacked Microsoft.
After an investigation, Microsoft has now found out that an account of one of its developers was compromised and that source code was stolen, the company writes in a blog post. However, customer data would not have been affected, nor would the leak be large enough to pose a real threat. “Microsoft does not rely on the secrecy of its code as a security measure, so disclosing source code does not increase the risk,” Microsoft said.
Also, in the blog post, the company provides some more information about its own research into Lapsus$. Microsoft says it has been eyeing the suspected South American gang, which it calls itself DEV-0537, for some time. The gang had previously been noticed with hacks from Samsung Nvidia and claimed to have broken into the maker of authentication software Okta this week. Screenshots often accompany those intrusions on Telegram and strange ransoms, such as the demand for Nvidia to restore the crypto functions of its graphics cards.
According to Microsoft, these are cybercriminals who are mainly out for money and destruction. “DEV-0537 is known to employ a pure extortion and destruction model, with no ransomware payloads,” the company wrote in its blog. “They are also known for taking over individual user accounts on crypto platforms in order to steal crypto coins.” According to Microsoft, their tactics consist of using social engineering over the phone, SIM swapping, and simply bribing employees or salespeople to gain access.
