Dark Web Hackers Lapsus$ Hacked Tech Giant
Microsoft has been at the center of a massive dark web hack that the company confirmed occurred when a member of its team became the target of the Lapsus$ hackers. According to the tech giant, the breach occurred when the Lapsus$ hacking group targeted an employee and gained access to the company’s source code.
The hack granted the dark web threat actors access to classified information, which they later reveal they had stolen from the Microsoft database.
Stolen Source Codes leaked
Since the hack attack, there has been some source code for Bing Maps, Cortana, and Bing circulating on the dark web markets. Also, the Lapsus$ gang revealed that the hacking group has released 37GB of source code stolen from Microsoft’s Azure DevOps server.
Microsoft has since stated in a blog post that the Lapsus$ hackers had compromised and blocked access to its repositories containing the source codes for internal projects for Bing, Cortana, and Bing Maps.
Bing, Cortana, and Bing Maps Source Codes
However, the company had pointed out the recent hack did not involve its client base citing that the analytical team found no trace that shows that anyone of its millions of customers was negatively impacted by the dark web hackers’ security breach. Since then Microsoft’s cybersecurity analysts have remediated the problem, thus preventing further breaches of its private databases.
Microsoft had since issued an advisory about the Lapsus$ hack. The tech company stated that the leaked source code will not elevate any risk to the company as its security measures do not rely on source code secrecy.
Furthermore, the company relayed that the source code elevated risk tactics DEV-0537, which the dark web hackers utilized to breach its security system reflecting the techniques highlighted in the posted article.
The blog further disclosed that its team of highly qualified cyber analysts had quickly intervened and shut down the hackers’ operation preventing them from causing more critical damages after the hacking was publicly disclosed by the criminal hackers.
Microsoft, since the hack, without revealing many details about the recent breach of its source codes, has been sharing an important overview of the Lapsus$ hacking group. So far, the gang’s techniques for cyber security breaches were documented by the company. It stated that its analysts are tracking the extortion group as ‘DEV-0537’.
The blog post also revealed that multiple hacking was done by the hackers; it shows that their primary focus was utilizing compromised credentials to launch future hacking attacks on the private databases of corporate companies.