Tuesday, March 22nd 2022

Microsoft Also Falls Victim to Hacking Group LAPSUS$

Updated by
Uskompuf
 Updated: Discuss (45 Comments)
The hacking group LAPSUS$ responsible for the recent NVIDIA and Samsung compromises has now allegedly breached Microsoft systems gaining access to the source code for Bing and Cortana. The group temporarily published a screenshot of what looked to be an internal Microsoft developer account with access to folders labeled "Bing_UX", "Bing-Source", and "Cortana" in addition to various other sections. The group had previously posted a message seeking to recruit employees at Microsoft, Apple, and IBM to get remote access to companies systems. Microsoft has confirmed in a statement to Motherboard that they "are aware of the claims and are investigating".

Update Mar 23rd: The hackers have now published a 9 GB torrent file which includes data from over 250 Microsoft projects including 90% of the source code for Bing, and approximately 45% of the source code for Bing Maps and Cortana according to security researchers speaking with BleepingComputer.
Sources: Motherboard, BleepingComputer, Microsoft

Related News

Add your own comment

45 Comments on Microsoft Also Falls Victim to Hacking Group LAPSUS$

#26
CrAsHnBuRnXp
Im waiting for the student loan cancellation now.
lexluthermiesterNot true, Edge can be forcibly removed. Easily too!
Now that Edge is based on Chrome, what is everyone's problem with it still?
Posted on Reply
#27
Chrispy_
lexluthermiesterNot true, Edge can be forcibly removed. Easily too!
Edge can be removed, but it does break things.

I have it removed at home but there are work deployments where not having edge breaks all kinds of things from 2FA to MS admin consoles for Azure integration, management etc. UWP apps that are either based on or actively integrated into Azure/Sharepoint/O365 throw hissyfits on the regular.

I've personally tried to create a work-viable "no-cortana, no-edge" deployment and people keep finding problems with it that are too much of a PITA to workaround.
Posted on Reply
#28
ThrashZone
CrAsHnBuRnXpIm waiting for the student loan cancellation now.


Now that Edge is based on Chrome, what is everyone's problem with it still?
Hi,
Lip stick on a pig.
Posted on Reply
#29
the54thvoid
Super Intoxicated Moderator
ThrashZoneHi,
Not using win-11 :eek:

Not tough to find a insider microsoft loves the h-b1 program.
Research says LAPSU$ is South American. I'm pretty sure 'skilled foreign worker' programs poach from the highly educated far east. On that basis, I'd go so far as to say it'll be lonely white-collar, office-cube denizens looking for some latin charm that got romance-scam phished from the sea.
Posted on Reply
#30
ThrashZone
the54thvoidResearch says LAPSU$ is South American. I'm pretty sure 'skilled foreign worker' programs poach from the highly educated far east. On that basis, I'd go so far as to say it'll be lonely white-collar, office-cube denizens looking for some latin charm that got romance-scam phished from the sea.
Hi,
Well ms I'm sure gets cheaper talent from many countries not just far east but money talks and is a easy motivator for bad guys of course covert plants aren't out of the question either.
I remember a USA senators driver was one so yeah ms having a few isn't unheard of :laugh:
Posted on Reply
#31
the54thvoid
Super Intoxicated Moderator
ThrashZoneHi,
Well ms I'm sure gets cheaper talent from many countries not just far east but money talks and is a easy motivator for bad guys of course covert plants aren't out of the question either.
I remember a USA senators driver was one so yeah ms having a few isn't unheard of :laugh:
It's all about the humans. Once we get rid of them gullible meat sacks, there'll be no more hacking leaks.
Posted on Reply
#32
R-T-B
lexluthermiesterNot any more or less than anywhere else. For example, I have no debt to speak of.
I don't have the stats at hand but I will point out that you as one person are statistically insignificant.
Posted on Reply
#34
ThrashZone
Hi,
Yeah lock downs didn't help anyone get out of prior debt.
Posted on Reply
#35
Unregistered
MusselsThey can literally put up ads in places saying "work for big tech? We'll pay big dollars for info" and frikkin advertise that they want you to sell out


This may delve into politics but the US is a country that has lots of people in debt for various reasons, some of them get desperate and would absolutely 'open an innocent email' on a work PC for a bitcoin
It's not like MS only employees people in the US.

I'll just leave this here.

www.finder.com.au/australias-personal-debt-reported-as-highest-in-the-world
Posted on Edit | Reply
#36
claes
ThrashZoneHi,
Yeah lock downs didn't help anyone get out of prior debt.
Given MS could go fully remote and probably pays pretty well I’m not sure what this has to do with anything
Posted on Reply
#37
ThrashZone
Hi,
Not surprising
But then again maybe you think ms employs the planet :laugh:
Posted on Reply
#38
TheinsanegamerN
the54thvoidResearch says LAPSU$ is South American. I'm pretty sure 'skilled foreign worker' programs poach from the highly educated far east. On that basis, I'd go so far as to say it'll be lonely white-collar, office-cube denizens looking for some latin charm that got romance-scam phished from the sea.
LAPSUS$ only needs to find one ofrmer disgruntled H!-B worker with 0 loyalty to spill the beans. They are a dime a dozen at MS now, and they are the very cubicle workers you are talking about.
Posted on Reply
#39
claes
ThrashZoneHi,
Not surprising
But then again maybe you think ms employs the planet :laugh:
Sorry, don’t understand your words. This is an English speaking forum so it’d help if you used complete sentences.

I get it — you don’t think Covid is real, the only reason Americans have economic strife is lockdowns, foreigners with bachelor’s degrees seeking tech jobs are inherently criminals, Bill Gates is engaged in a globalist conspiracy to bring communism and pedophilia to the world — just use complete sentences to express your thoughts and we’ll understand!
TheinsanegamerNLAPSUS$ only needs to find one ofrmer disgruntled H!-B worker with 0 loyalty to spill the beans. They are a dime a dozen at MS now, and they are the very cubicle workers you are talking about.
Or they could find a disgruntled American…

Also it’s H-1B guys… know your enemy lol.
Posted on Reply
#40
the54thvoid
Super Intoxicated Moderator
TheinsanegamerNLAPSUS$ only needs to find one ofrmer disgruntled H!-B worker with 0 loyalty to spill the beans. They are a dime a dozen at MS now, and they are the very cubicle workers you are talking about.
Not how hacking works. Susceptible targets tend to be less well educated and rarely sourced as 'grudge bearers'. That's more likely a spy.

If you're looking at disgruntled workers, maybe consider those home grown folks who resent foreign placements. That's far more logical.
Posted on Reply
#41
lexluthermiester
CrAsHnBuRnXpNow that Edge is based on Chrome, what is everyone's problem with it still?
It's partly closed source, and full of microsoft's standard BS. The only reason I use Windows is because I have too or I would have moved on after the rubbish of Windows 8.
Chrispy_Edge can be removed, but it does break things.
Not that I have seen. At least nothing that I care about. I don't care about all of the integration crap, nor the ms store economy. XBox on Windows holds no appeal for me. So it's possible that removing Edge might break something, but my personal use-case-scenario, there have been zero side effects. YMMV.
Chrispy_I've personally tried to create a work-viable "no-cortana, no-edge" deployment and people keep finding problems with it that are too much of a PITA to workaround.
Windows Enterprise LTSC. All of the integration is gone as is Cortana, Edge and the store app. You should look into it.
Posted on Reply
#42
Chrispy_
lexluthermiesterIt's partly closed source, and full of microsoft's standard BS. The only reason I use Windows is because I have too or I would have moved on after the rubbish of Windows 8.


Not that I have seen. At least nothing that I care about. I don't care about all of the integration crap, nor the ms store economy. XBox on Windows holds no appeal for me. So it's possible that removing Edge might break something, but my personal use-case-scenario, there have been zero side effects. YMMV.


Windows Enterprise LTSC. All of the integration is gone as is Cortana, Edge and the store app. You should look into it.
Yeah, I had LTSC.
As I stated, it's not usable. People need the Windows Store for UWP business apps that are actively developed and cannot be sideloaded in a working way.

I don't need that shit at home, so I've removed Edge, but if you work on Microsoft's cloud for whatever contractual obligations you're tied to, you literally cannot remove Edge otherwise you can't work. Azure, Office365, UWP, Sharepoint - all of these things either stop working or lose enough functionality that any benefits from de-Edging the machine are outweighed by the new problems.
Posted on Reply
#43
Octavean
But how can this be? Surely Windows 11‘s compulsory secure boot and TPM 2.0 is all the security you’ll ever need!!! Right along with “640K is more memory than anyone will ever need”,……:)

Right,….???

Zinggggggggg,……..
Posted on Reply
#44
lexluthermiester
OctaveanBut how can this be? Surely Windows 11‘s compulsory secure boot and TPM 2.0 is all the security you’ll ever need!!! Right along with “640K is more memory than anyone will ever need”,……:)

Right,….???

Zinggggggggg,……..
Bazingga!
Posted on Reply
#45
windwhirl
OctaveanBut how can this be? Surely Windows 11‘s compulsory secure boot and TPM 2.0 is all the security you’ll ever need!!! Right along with “640K is more memory than anyone will ever need”,……:)

Right,….???

Zinggggggggg,……..
No matter how many measures you put in place, you can't fix stupid. Nor people willingly forking over the keys to the kingdom.
Posted on Reply
Add your own comment
Sep 18th, 2024 00:34 EDT change timezone

Latest GPU Drivers

New Forum Posts

Popular Reviews

Controversial News Posts