Microsoft could be the latest victim of a hacking organization that has recently attacked several of the world’s major tech firms. According to a source, the software giant is presently examining reports that LAPSUS$, a hacking gang that has stolen data from Nvidia, Samsung, and other major tech companies, has acquired access to its internal networks. LAPSUS$ shared a screenshot of what looked to be information acquired from an internal developer account for Azure, its cloud computing subsidiary, to its Telegram channel over the weekend.
The images “Bing UX,” “Bing-Source,” and “Cortana” indicate that Microsoft’s virtual assistant and search engine source code were viewed. Other portions containing the words “mscomdev,” “microsoft,” and “msblox” could imply that the hacking group has gotten access to other source repositories.
Microsoft Could Be Another Victim of Hacking Group LAPSUS$: Report
The photographs that allegedly disclose important Microsoft assets were purportedly removed by an administrator of LAPSUS$’s Telegram channel, who wrote, “Deleted for now will repost later.”
“We are aware of the concerns and are investigating,” Microsoft said in a statement.
Though LAPSUS$ has demanded cash and held critical information as blackmail in previous hacks, the extortion gang has yet to demand anything from the business software behemoth. The organization threatened to expose stolen corporate data unless GPU drivers were made open source and Ethereum cryptocurrency mining limiters were lifted from Nvidia 30-series graphics cards in the case of Nvidia.
LAPSUS$ is said to be on a recruiting drive to persuade employees to divulge sensitive information.
LAPSUS$’s usage of Telegram to develop a social media presence and give it a public voice sets it apart from other hacking gangs. The group aspires to be well-known. Instead of encrypting devices and launching ransomware assaults, LAPSUS$ threatens to reveal information it has already taken unless the victim owes it money.
LAPSUS$ is a newbie to the scene. Its initial suspected attacks, which began at the end of last year, targeted Brazilian and Portuguese companies, including Brazil’s health ministry, Impresa, a Portuguese media company, and South American telcos Claro and Embratel. Following its attacks on tech titans Nvidia and Samsung, the hacker organization, which claims to be driven solely by money, has gained confidence and expanded its aspirations.