The hacker gang known as Lapsus$ breached Microsoft’s systems and pilfered the software giant’s source code for the Bing search engine and Cortana voice assistant, according to a blog post late Tuesday (March 22) by Microsoft Security.
The Microsoft Threat Intelligence Center (MSTIC), Detection and Response Team (DART), and Microsoft 365 Defender Threat Intelligence Team have been tracking the Lapsus$ group for several weeks.
No customer code or data was involved in the breach and Microsoft said since the company does not rely on the secrecy of code as a security measure, the viewing of its source code isn’t considered an increase in risk.
“Our investigation has found a single account had been compromised, granting limited access,” Microsoft said. “Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity. Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.”
Lapsus$ also claimed responsibility for hacking authentication services firm Okta this week and recently, Samsung, Ubisoft and Nvidia. Okta handles identity management services for thousands of large corporate clients.
See also: Samsung Source Code, Corporate Data Stolen in Breach
The hacking group was dubbed DEV-0537 by Microsoft’s cybersecurity teams and is said to be expanding its target reach to include government agencies, telecom companies and firms in the healthcare industry.
“The objective of DEV-0537 actors is to gain elevated access through stolen credentials that enable data theft and destructive attacks against a targeted organization, often resulting in extortion. Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction,” according to the post.
“Unlike most activity groups that stay under the radar, DEV-0537 doesn’t seem to cover its tracks. They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations.”
Related: Hackers Post Nvidia Personnel Data Online After February Breach