Last month, the giants Nvidia and Samsung successively suffered cyberattacks from Lapsus$, a group of hackers visibly increasingly active. Indeed, it is now Microsoft that is paying the price for Lapsus$ by officially declaring that it has been the victim of a new attack on their part, an attack quickly stemmed despite consequences that could have been more serious.
Bing and Cortana source codes hacked
It’s in a public statement published on their website which Microsoft has announced was hacked by Lapsus$ (also known as DEV-0537), a group that the Redmond firm calls “known for using a model of extortion and pure destruction without deploying ransomware payloads”. Last month, these hackers claimed responsibility for a cyberattack targeting Nvidia before attacking, a week later, Samsung and a lot of data including the algorithms of the South Korean group’s biometric technologies.
Going back to Microsoft, only one account would have been compromised and only part of the Bing and Cortana source codes would have been leaked according to the brand. The incident could have been more serious, but according to Microsoft these two leaks do not seriously jeopardize the security of the group’s data.
It is in the blog post published on Tuesday that Microsoft looks back on the events that occurred during this cyberattack by sharing recommendations for possible future attacks.
“The Microsoft Threat Intelligence Center (MSTIC) believes that the purpose of DEV-0537 is to gain access to sensitive data through stolen credentials that enable data theft and destructive attacks against a targeted organization. , often resulting in extortion. The tactics and objectives indicate that it is a cybercriminal actor motivated by theft and destruction. Our investigation revealed that only one account had been compromised, granting limited access to data. Multi-factor authentication (MFA) is one of the main lines of defense against DEV-0537. Although this group attempts to identify the shortcomings of multi-factor authentication, it remains a critical pillar of identity security for employees, vendors, and other personnel. »
By sharing these recommendations and tips, Microsoft is warning other sizeable groups that would be among Lapsus$ targets, including Apple and EA who were cited in a group WhatsApp chat. Microsoft’s blog post will be updated regularly as findings arise during internal investigation by the Microsoft Threat Intelligence Center.
–
