The Microsoft source code breach may be much bigger than we thought

Discussion in 'Networking and Security' started by themickey, Mar 23, 2022.

  1. themickey

    https://www.techradar.com/news/the-microsoft-source-code-breach-may-be-much-bigger-than-we-thought
    By Anthony Spadafora

    37GB of Microsoft's internal source code has been leaked online by the Lapsus$ group

    After allegedly gaining access to Microsoft's Azure DevOps source code repositories over the weekend, the South American-based data extortion hacking group Lapsus$ has now made some of the company's internal files available online.

    In a recent post on Telegram, the group shared a screenshot of Microsoft's Azure DevOps account to show that they had hacked one of the company's servers which contained the source code for Bing, Cortana and a number of other internal projects.

    Now though, Lapsus$ has made the source code for over 250 Microsoft projects available online in a 9GB torrent. According to the group, the torrent itself contains 90 percent of the source code for Bing and 45 percent of the source code for both Bing Maps and Cortana.

    While Lapsus$ says that they only leaked some of Microsoft's source code, security researchers that spoke with BleepingComputer say that the uncompressed archive actually contains 37GB of projects. After examining the contents of the torrent more closely, the security researchers are confident that the leaked files are legitimate internal source code from the company.

    Paying for access
    In addition to internal source code, some of the leaked projects contain emails and other documentation that was used internally by Microsoft engineers working on mobile apps. The projects themselves all appear to be related to web-based infrastructure, websites or mobile apps and at this time, it seems that Lapsus$ did not steal any source code for Microsoft's desktop software such as Windows 11, Windows Server and Microsoft Office.

    Microsoft may be the latest victim but over the past few months, the Lapsus$ group has made a name for itself by successfully attacking Nvidia, Samsung, Vodafone, Ubisoft and Mercado Libre.

    While it's still unknown as to how the group has managed to target the source code repositories of so many big companies in such a short time, some security researchers believe Lapsus$ is paying corporate insiders for access. In fact, in a previous post on its fast-growing Telegram channel, the group said that it actively recruits employees and insiders at telecoms, large software and gaming companies, call centers and dedicated server hosting providers.

    Besides recruitment, Lapsus$ also uses its Telegram channel to announce new leaks and attacks as well as for self-promotion. The group has already amassed close to 40k subscribers on the platform which it even uses to chat with its fans.

    Now that the Lapsus$ group has gained a great deal of notoriety online, expect law enforcement agencies and even large companies like Microsoft to begin taking action to disrupt its activities before it strikes again.
     
  2. Ninja

    Good news. After all, open-source is a security advantage, right…?

    :)
     
  3. M.W.

    @themickey, why did you block me? I can't see your content which I truly enjoy reading. I don't think I ever had an exchange with you...what's that block for?
     
  4. The Lapsus$ hackers group should search the Microsoft source code for any evidence of the NSA illegally spying on Americans. They could help themselves and all Americans by releasing evidence of illegal NSA spying.

    Exciting to watch these battles which are now happening on so many fronts!
     
  5. 2rosy

    So? Linux is open source; many systems and applications are open source. Just having the code means nothing.
     
  6. Hey would I want to look at a bug-ridden pile of slop? Fuck Microsoft tho. Been MS-free 26 years and counting.
     
  7. 22 years for me.
     
  8. TheDawn

    Bing sucks!! Not interested in knowing its source code anyway.
     
  9. easymon1

    Why would you think something like this could ever happen?
     
  10. themickey

    Cybersecurity researchers trace Lapsus$ attacks to a teenager from England
    They believe he's the mastermind behind the hacks.

    M. Moon | 03.24.22 | @mariella_moon
    https://www.engadget.com/cybersecurity-researchers-lapsus-teenager-england-050735235.html?src=rss

    A hacking group calling itself Lapsus$ recently made waves by releasing source code it claimed to have stolen from Microsoft and Okta. Now, cybersecurity researchers investigating the attacks have traced them to a 16-year-old living with his mother near Oxford, England, according to Bloomberg. While the researchers have identified seven accounts associated with the hacking group — including one traced to another teenager in Brazil — they believe the teenager from England is the mastermind and is behind some of the major Lapsus$ hacks. However, they weren't able to connect the teen to all the attacks the group carried out.

    The researchers looked at forensic evidence from the hacks, as well as public information to determine that the teen was indeed involved. Apparently, rival hackers posted the teenager's details online, including his address and information about his parents. Bloomberg didn't release the teen's personal information and only mentioned that he goes by the aliases "White" and "breachbase." White is reportedly so skilled at hacking and so fast at what he does that researchers previously thought the attacks were automated.

    Some cybersecurity researchers believe that the group is motivated by not just money, but also notoriety, seeing as the actor doesn't cover its tracks. As Microsoft detailed in its investigation of the Lapsus$ attacks, the group even announces its hacks on social media and publicly posts calls for employees willing to sell their company logins. The bad actor also joins targets' communications channels, such as their Zoom calls, to taunt the people responding to their attacks.

    Microsoft said the group started by targeting organizations in the United Kingdom and South America, but that it has since expanded to target entities around the world, including government agencies, telecoms, and companies in the health sector. Both Microsoft and Okta admitted that they suffered a security breach, but both claim limited impact from the attacks.
     
    #10     Mar 24, 2022