Microsoft hacked

Microsoft Confirms Hacker Group Lapsus$ Breached Its Systems

Customers stand near the Microsoft logo during the Microsoft Xbox One X game console global launch event in New York, US, on Monday, 6 November 2017. (Photo: Mark Kauzlarich / Bloomberg)

(Bloomberg) --Microsoft Corp. said that the hacker group Lapsus$ gained “limited access” to its systems, following a claim by the group that it obtained source code for the Bing search engine and Cortana voice assistant.

By Vlad Savov
Mar 23, 2022, 2:33 AM
Word Count: 323

The software giant had been tracking the activities of Lapsus$ — which it labels a “large-scale social engineering and extortion campaign” — for several weeks and provided some details on the methods of its attacks in a blog post late Tuesday. Lapsus$ had previously breached the cybersecurity defenses of Nvidia Corp. and Samsung Electronics Co., and this week also claimed to have gained access to the system privileges of Okta, the San Francisco-based company that manages user authentication services for thousands of corporate clients.

Read more: Okta tumbles after hacking group claims data breach

“Our investigation has found a single account had been compromised, granting limited access,” Microsoft said. “Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity. Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.”

The hacking group, which has been given the designation DEV-0537 by Microsoft’s cybersecurity researchers, has been expanding the geographic range of its targets and going after government organizations as well as the tech, telecom and health-care sectors, according to the blog post. They are also known for hijacking cryptocurrency accounts, Microsoft said.

Lapsus$ has made claims on social media that it’s infiltrated several large tech companies besides Microsoft. Its Telegram channel was first to announce the Microsoft and Okta breaches this week and also included mention of breaching employee accounts of LG Electronics Inc.

“Unlike most activity groups that stay under the radar, DEV-0537 doesn’t seem to cover its tracks,” said Microsoft, based in Redmond, Washington. “They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations.”

© 2022 Bloomberg L.P.


Comments - Please in order to comment.

Please peer review 3 community comments before your comment can be posted

[%% img-description %%]

The Spy Bill: An autocratic roadmap to State Capture 2.0

Join Heidi Swart in conversation with Anton Harber and Marianne Merten as they discuss a concerning push to pass a controversial “Spy Bill” into law by May 2024. Tues 5 Dec at 12pm, live, online and free of charge.

A South African Hero: You

There’s a 99.8% chance that this isn’t for you. Only 0.2% of our readers have responded to this call for action.

Those 0.2% of our readers are our hidden heroes, who are fuelling our work and impacting the lives of every South African in doing so. They’re the people who contribute to keep Daily Maverick free for all, including you.

The equation is quite simple: the more members we have, the more reporting and investigations we can do, and the greater the impact on the country.

Be part of that 0.2%. Be a Maverick. Be a Maverick Insider.

Support Daily Maverick→
Payment options