Hacking group LAPSUS$ leaks Microsoft source code and LG accounts

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on reddit
Reddit
Share on telegram
Telegram
Share on email
Email

LAPSUS$, the same hacking group that targeted Nvidia and Samsung of recent, has confirmed it has targeted Microsoft, as well as LG and Okta. The latter would give the hackers access to 15,000 companies worldwide, including Peloton, Sonos and T-Mobile. 

In the Microsoft attacks, the group claims to have stolen the source code for not only Bing browser, but also its mapping system and the Cortana assistant. Though El Chapuzas Informatico notes that the group admits it only managed to acquire 90% of the code for Bing Maps, whereas that number sits at around 45% for the code for Cortana and Bing itself. Torrents for both have been released, regardless.

As for LG, a “dump of all hashes for” the company’s employee and service accounts has been leaked, and a “dump of LGs infrastructure confluence will be released soon.” In the official chat announcement, the group taunts LG: “Might be a good idea to consider a new CSIRT team.”

LAPSUS$’s attack on Okta has been proven with released screenshots, and security experts told Reuters they “definitely do believe it is credible.” This is particularly troubling since it’s one of the world’s leading authentication companies for thousands of companies, universities, and government agencies across the globe. I’m sure I don’t need to stress the kind of chaos that could cause, but as Reuters reports, Okta is looking into the security breach now. 

“We believe the screenshots shared online are connected to this January event,” Okta official Chris Hollis said in a statement. “Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”

Right now, thousands of companies, and countless customers, are on high alert. Since these are the same hackers that targeted Samsung, and released 190GB of sensitive data, it’s safe to say their threats are not empty.

Their recent attack on Nvidia sent shockwaves, with the hackers threatening to release a bypass of Nvidia’s hash rate limiter. Data stolen from those attacks was used to disguise malware as GPU drivers, so you can imagine what LAPSUS$ and the rest of the malicious few plan to do with Microsoft’s source code.

Article source: PCGamer

You might also enjoy