Microsoft and Okta Targeted by LAPSUS$

LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta

Microsoft and Okta, a provider of authentication services, said they are looking into claims of a possible breach made by LAPSUS$.

Targeted

The gang posted a screenshot to their Telegram channel early Sunday morning. They were indicating that they had hacked Microsoft‘s Azure DevOps server. This contained source code for Bing, Cortana, and other internal projects.

The Claim

El Chapuzas Informatico points out that the group admits it only got 90 percent of the code for Bing Maps, while it got around 45 percent of the code for Cortana and Bing itself. This comes after claims to have stolen the source code for not only the Bing browser, but also its mapping system and the Cortana assistant in the Microsoft attacks. Regardless, torrents for both have been made available online and are reported to look authentic.

Evidence

Images with the terms “Bing UX,” “Bing-Source,” and “Cortana” indicate that the source code for Microsoft’s search engine was accessed. Other sections for “mscomdev,” “microsoft,” and “msblox” may indicate that the group has gained access to additional code repositories.

Microsoft responded to the breach by saying that they know about the claims and are looking into the possibility of an internal breach. However, LAPSUS$ has not made any demands of the company as of this writing.

Allegedly, an administrator of LAPSUS$’s Telegram channel deleted the images that allegedly reveal sensitive Microsoft assets. They posted, “Deleted for now, will repost later.”

A Different Approach

LAPSUS$ are unlike previous ransomware groups that take data from victims and subsequently encrypt it in exchange for a payment. The new threat entrant focuses on data theft and uses it to blackmail the targets.

The cybercrime gang has claimed a long list of high-profile victims since it went active in late December 2021. These include Impresa, NVIDIA, Samsung, Mercado Libre, Vodafone, and, most recently, Ubisoft.

Update

According to the claims of the breach, this could affect anyone who uses Windows 11 on a PC or laptop. However, the infamous hacking group’s intentions are unclear. A Microsoft update will most likely inform consumers of the next steps.

If you have any concerns about your security or need advice about how to protect yourself, contact us.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.