Recently, Lapsus$ Hackers Group claimed they stole over 37GB of source code of Microsoft’s Cortana and Bing. They also shared proof of it via posting on their Telegram channel. Microsoft investigated all this and confirmed it. Lapsus$ has also stolen data from Nvidia, Samsung, Ubisoft, and Okta lately. The Microsoft Threat Intelligence Center report states the Lapsus$ hacking group as “DEV-0537”. For weeks, Microsoft investigators have tracked the Lapsus$ group and detailed some of their methods to compromise victims’ systems.

Microsoft Revealed Lapsus$ Tactics and Strategy

According to the Microsoft Threat Intelligence Center, “the objective of DEV-0537 actors is to gain elevated access through stolen credentials that enable data theft and destructive attacks against a targeted organization, often resulting in extortion. Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction.” Microsoft’s claimed it assumes attackers will access its source code, and they confirmed that the stolen data would not pose a threat to either of them. It also mentioned that its response team shut down the data extortion process mid-way. Lapsus$ also claims that it only got around 45 percent of the code for Bing and Cortana and approximately 90 percent for Bing Maps. Even if Microsoft were worried about its source code revealing vulnerabilities, the latter would feel like a less valuable target than the other two. Microsoft suggests some actions that help other organizations to improve their security system, including requiring multifactor authentication not using weak multifactor authentication methods like text messages or secondary emails. Microsoft also declares that it’ll keep tracking Lapsus$, keeping an eye on any attacks it carries out on Microsoft customers.

