Gandalf_The_Grey
Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 6,600
The LAPSUS$ group has previously compromised Nvidia and Samsung. Over the weekend the group published a screenshot that appeared to show access to internal Microsoft systems.
Microsoft is investigating claims that an extortion-focused hacking group that has previously compromised massive companies such as Ubisoft and Nvidia has gained access to internal Microsoft systems, according to a statement from the company.
The hacking group, which goes by the self-designated name LAPSUS$, has successfully breached a wave of corporations recently. LAPSUS$ sometimes makes unusual ransom demands of its victims, including asking Nvidia to unlock aspects of its graphics cards to make them more suitable for mining cryptocurrency. The group has so far not made any public demands against Microsoft.
On Sunday, LAPSUS$ posted a screenshot of what appeared to be an internal Microsoft developer account to their Telegram channel. The screenshot appeared to be from an Azure DevOps account, a product that Microsoft offers that allows developers to collaborate on projects. Specific projects shown in the screenshot include “Bing_UX,” potentially referring to the user experience of Microsoft’s Bing search engine; “Bing-Source,” indicating access to the source code of the search engine; and “Cortana,” Microsoft’s smart assistant. Other sections include “mscomdev,” “microsoft,” and “msblox,” indicating whoever took the screenshot may have access to other code repositories as well.
Shortly after posting the screenshot, an administrator of LAPSUS$’s Telegram channel deleted the image.
“Deleted for now will repost later,” they wrote.
On Sunday, a Microsoft spokesperson told Motherboard in an email that “We are aware of the claims and are investigating.”