New evidence suggests that the LAPSUS$ hack of Microsoft really happened. In the last few hours, the hacker group released about 37 GB of files allegedly stolen from the Redmond corporation's servers. These reportedly include part of the source code of Bing and Cortana, among other services.
As reported by BleepingComputer, on Monday night the hackers released a 9 GB 7Zip file that allegedly contained more than 250 Microsoft projects. Those who had access to it say that, once uncompressed, it yields the almost 40 GB of data mentioned at the beginning of this article.
According to the analysis carried out by different cybersecurity specialists, the information that was published seems legitimate. In fact, the leak reportedly includes not only what would apparently be 90% of the Bing source code and about 45% of Cortana and Bing Maps, but also internal documentation and emails belonging to engineers at the Redmond corporation.
An important point to note is that, regardless of the significance of the leaked data itself, nothing related to Microsoft desktop software appears to have been compromised. This means that the files contain nothing related to the source code of products such as Windows or Office.
The information published by LAPSUS$ would be limited to projects related to mobile applications, internet sites and other web-based infrastructure. In any case, it is unknown if the group of hackers could have compromised more information from the company led by Satya Nadella.
Microsoft, one of the most recent victims of LAPSUS$
The first signs of an alleged Microsoft hack appeared over the weekend. Yesterday we told you that LAPSUS$ had shared a screenshot that apparently showed it had gained access to Azure DevOps, a service that allows developers to collaborate on different programming projects. The image showed folders related to the source code of Bing and Cortana, which suggested that the information leak was imminent.
However, what really caught our attention was that the hacker group itself decided to remove the screenshot in question. That did not prevent the image from being replicated on social networks, but it began to raise suspicions; in fact, many speculated that the hackers might have revealed more than they intended. The reason is that the initials of the user account supposedly used to gain access to the files remained visible in the image. And so conjectures began about supposed internal collaboration in the extraction of the data.
Meanwhile, LAPSUS$ had not mentioned any particular demand that Microsoft must comply with in order to avoid the leak. Still, the Redmond company quickly acknowledged that it was aware of the cybercriminals' claims and that it was investigating the matter.
For now, it remains to be seen if the hackers have something else up their sleeves for future leaks, or if those 37 GB of data are all they've stolen from Microsoft.
Okta has reportedly also been hacked
At this time, the focus of LAPSUS$ is not exclusively on what was apparently stolen from Microsoft. The hackers also claim to have accessed the servers of Okta, a company that offers authentication services to more than 15 thousand companies and organizations worldwide.
On Telegram, the group of hackers claims to have had superuser and administrator access to Okta systems “for two months”. And although they claim not to have stolen or accessed any company database, they did warn that they will focus on its customers.
According to Okta's statement to Reuters, the apparent breach would relate to an incident that occurred earlier in the year but would have been contained. “Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January,” the company said.
The Verge mentions that the possible LAPSUS$ hack of Okta could have serious consequences for the American business environment. The report mentions that the company offers its authentication service to firms such as T-Mobile, Sonos, Cloudflare and Peloton, as well as government agencies such as the Federal Communications Commission (FCC).