Connect with us

Affected by Cyber Attack: Lapsus$ Strikes Microsoft


Affected by Cyber Attack: Lapsus$ Strikes Microsoft

Credit: Unsplash

During a recent investigation, Microsoft uncovered that it was targeted in a breach orchestrated by a group known as DEV-0537, affiliated with the hacker collective Lapsus$. Lapsus$ has been linked to similar attacks on prominent tech giants like Okta, Nvidia, Samsung, and Ubisoft.

As per Microsoft Security’s findings, Lapsus$ successfully infiltrated a single account, obtaining important source code fragments from major Microsoft products such as Bing and Cortana. The report states, “DEV-0537 actors aim to escalate their access by utilizing stolen credentials to facilitate data theft and destructive assaults on target organizations, often resorting to extortion. Their methods and goals suggest that this cybercriminal entity is primarily driven by motives of theft and sabotage.”

“The group recently asserted that they had accessed Microsoft and extracted segments of source code,” the report elaborates. “Fortunately, no client-specific code or data was compromised. Following our investigations, it was revealed that only one account had been breached, which had limited access. Our cybersecurity response teams acted promptly to rectify the compromised account and prevent any further unauthorized activities.”

“We do not hinge our security on code confidentiality, and examining source code does not heighten our security risk. The intrusion methods adopted by DEV-0537 in this instance resonate with the strategies outlined in our blog. Our team was already probing the compromised account based on threat intelligence when the intrusion was publicly disclosed by the actor. This disclosure prompted us to immediately intervene and disrupt the actor mid-operation, thereby containing the potential wider repercussions of the breach.”

More in Entertainment



To Top