Lapsus$ claim to have leaked 37 GB with code from Bing Maps or Cortana. Microsoft is looking into it

  • 30

The Lapsus$ hacker group is becoming a nightmare for big tech companies. After the cyberattacks on Nvidia, Samsung, MercadoLibre or Ubisoft now claim having stolen much of the source code for Cortana, Bing and Bing Maps.

In Microsoft they have declared that they are aware of the announcement of Lapsus$ and those responsible indicated in The Register what “we are investigating” the facts. This group of cybercriminals has indicated that they have also managed to access data from LG and Okta, a Cloudflare identity provider.

A massive but apparently incomplete code theft

In a Lapsus$ message in a Telegram group this weekend, the download of a .torrent file was offered that gave access to that file with part of the source code Bing Maps, Cortana and Bing.

Several messages on Twitter from cybersecurity experts who had accessed that data seemed to confirm the security breach. If confirmed, Microsoft would be one more victim of a hacker group that appears to be based in Brazil.

Cybersecurity expert Dominic Alvieri, who was one of the first to report the event, indicated that although “normally you wouldn’t give credence to a screenshotbut Lapsus$ has managed to infiltrate Samsung, Impresa, Mercado Libre, Ubisoft and Nvidia”. In his opinion, Lapsus$’s statement “seems credible so far and the reputation [de Microsoft] is at stake.”

Lapsus$’s message in the Telegram group indicated that this torrent file gave access to 90% of the Bing Maps code, already about 45% of the code from Bing and Cortana. It is therefore not the complete code of all these projects, but it is an important part of that information.

Lapsus$, The terror of the big technology companies

The members of Lapsus$ they had until not long ago a low profile: They were known to infiltrate news outlets like SIC Noticias or Expresso or the Brazilian Ministry of Health, but everything changed in February.

That’s when they managed to infiltrate NVIDIA’s network and stole a terabyte of data, including employee information. They published some of that information, and a few days later they attacked Samsung and stole 190 GB of internal dataincluding parts of the source code of their Galaxy mobiles.

One of his last victims it was apparently Ubisoftand there is also talk of how they could have achieved infiltrate Vodafone and steal 200 GB of source code. Those responsible for the operator also indicated who were investigating the events a few days ago.

Screenshot 2022 03 22 At 9 30 33

The cyberattack on Microsoft seems in fact just part of their latest cyber raids. In the same Telegram channel they indicated that had managed to infiltrate LG Electronics and offered a copy of the “hashes” of employee accounts that uniquely identify them. They also promised to publish a file with more internal company information.

Screenshot 2022 03 22 At 9 33 11

They also seem to have achieved Okta.com superuser credentialsa service that provides authentication systems to large corporations, including Cloudflare.

The CEO of the latter, Matthew Prince, admitted A few hours ago that possibility existed, although it clarified that they have several additional layers of security and that there was no evidence that Cloudflare “had been compromised”.

Image | Markus Spike

The Lapsus$ hacker group is becoming a nightmare for big tech companies. After the cyberattacks on Nvidia, Samsung, MercadoLibre or…

The Lapsus$ hacker group is becoming a nightmare for big tech companies. After the cyberattacks on Nvidia, Samsung, MercadoLibre or…

Leave a Reply

Your email address will not be published.