
Microsoft Confirms Cyberattack, Stolen Source Code For Bing And Cortana

Yesterday's report that Microsoft had been compromised by Lapsus$, the same hacker group that's been terrorizing tech organizations like Nvidia and Samsung, has been proven correct. Microsoft admitted to being hacked in a security blog post last night.

"Our investigation has found a single account had been compromised, granting limited access," wrote Microsoft. "Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity."

Hacker group Lapsus$ claimed to have stolen 37GB of data, including the source code of over 250 projects, 90 percent of the source code for Bing, and 45 percent of the source code for Cortana. They also claimed to have obtained emails and documentation from several of Microsoft's engineers.

Unlike with Nvidia, however, Microsoft seems to have caught Lapsus$ in the act and prevented the hacker collective from making off with even more data. "Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion," Microsoft said, adding that "no customer code or data" was stolen.

Microsoft noted that Lapsus$, known internally at Microsoft as DEV-0537, has been on a rampage over the past several weeks. To combat Lapsus$'s illegal activities, the bulk of the tech giant's blog update actually details how Lapsus$ operates, how it manages to get into so many organizations' systems, and what everyone can do to stop it.

Lapsus$ doesn't install ransomware like so many hackers do, but instead works on "a pure extortion and destruction model." They target companies all over the world ranging from tech to media to retail, and mostly operate through a "large-scale social engineering and extortion campaign." Tactics include phone-based social engineering, taking over the personal email accounts of employees to gain access to security info, or outright paying for the passwords of employees at targeted organizations.

Microsoft's recommendations to combat Lapsus$ are extensive, but at the top of the list is implementing multifactor authentication. This can include entering both a password and a temporary code that's emailed or texted to the employee.

Lapsus$ didn't get away with much Microsoft data, so it hasn't tried to extort the tech giant. However, Lapsus$ has done a number on Nvidia, and even released the source code for its vaunted DLSS technology.
