Did Xbox One Get Hacked Again

UPDATE 23/03/22: Microsoft has confirmed that it was breached by Lapsus$ and published its analysis of the grouping'south tactics.

Microsoft could be the latest victim of prolific hacking gang Lapsus$, with the tech giant investigating claims that the grouping has stolen data from its Azure cloud platform. Lapsus$ has been targeting the biggest names in tech recently, with Samsung and Nvidia among the companies breached. This came days after a post by Lapsus$ aiming to recruit employees from large companies – including Microsoft – to provide it with data.

Is Microsoft the latest victim of hacking gang Lapsus$? (Photo by JOSEP LAGO/AFP via Getty Images)

Lapsus$ posted a screenshot of alleged internal Azure source code repositories to a chat on Telegram on Sunday, indicating they had hacked Microsoft'due south Azure DevOps server. A screenshot appears to show an Azure DevOps repository containing source code for Microsoft'south virtual assistant Cortana and several projects relating to its Bing search engine. The post was taken down minutes later and replaced with the message, "deleted for now, will repost later".

A Microsoft spokesman said the visitor is "aware of the claims and [is] investigating" the incident.

Who are Lapsus$?

Specialising in data extortion, Lapsus$ get-go came to prominence through hacks on the Brazilian health ministry and Portugal's Impresa media outlets last yr. Information technology has since targeted global tech companies like Nvidia and Samsung, and last Thursday French gaming publisher Ubisoft confirmed it was investigating a cybersecurity incident, widely idea to be the work of the gang.

Content from our partners

"As a precautionary measure, we initiated a visitor-wide password reset… There is no show any thespian personal information was accessed or exposed as a by-product of this incident," a Ubisoft statement read. Lapsus$ appeared to claim credit for the breach the adjacent day by posting a link to an article detailing the hack with a smirking face up emoji to its Telegram channel.

Some threat analysts believe that the grouping's success could be considering information technology is fabricated up of extremely experienced cybercriminals. Researchers at Searchlight Security say at that place is speculation that some of its members take been active in the cybercrime community for a while, including selling zip-day exploits and running a site defended to leaking individuals' personal information.

The recent explosion of activity by Lapsus$ is likely to have attracted the attention of police force-enforcement agencies, which could mean its moment in the spotlight will exist short-lived. "As Lapsus$ has conducted its criminal activity in such a public fashion - specifically via non-dark web channels such every bit Telegram - it is likely the rapid pace of its attacks will be stalled at some point, due to either law enforcement or private sector counter-measures," says a threat analyst who has been tracking the grouping's progress closely, and spoke to Tech Monitor on condition of anonymity.

Data, insights and assay delivered to you View all newsletters Past The Tech Monitor team Sign upwardly to our newsletters

Is the Lapsus$ Microsoft breach genuine?

Security experts are divided as to whether the Microsoft assail is genuine. "Lapsus$ has pulled off these types of confirmed attacks against NVIDIA, Samsung, Vodafone, Ubisoft, and Mercado Libre. Then, the assault on Microsoft is probable to exist 18-carat," argues Chris Hauk, consumer privacy champion at security business firm Pixel Privacy.

Notwithstanding, Toby Lewis, global head of threat analysis at security company Darktrace, is more attentive. "Beyond the – albeit alarming – screenshot of an internal programmer dashboard, in that location has non been any farther bear witness of a hack," he says. "Lapsus$ has breached major organisations in the by, so it is not out of the question that this was indeed a successful hack, but the screenshot provides united states of america with very little data."

Did Lapsus$ go inside aid to breach Microsoft?

The declared Microsoft hack comes days later Lapsus$ posted a recruitment ad looking for employees at global companies, including Microsoft. The Telegram mail reads: "Nosotros recruit employees/insider at the following: any company providing telecommunication, large software/gaming corporations (Microsoft, Apple, EA, IBM and other like). Call eye/BPM, server hosts." At the lesser, there is a note in bold and in capitals that says, "We are not looking for data, we are looking for the employee to provide us a VPN or Citrix to the network." The threat analyst who has been tracking Lapsus$ says: "While there is no prove to suggest this pitch has yet been successful, [employee involvement] is entirely possible, given the directly reference to Microsoft in the group'due south recruitment pitch."

Read more: Lapsus$ Okta breach sparks supply chain attack concerns

boyleanstor.blogspot.com

Source: https://techmonitor.ai/technology/cybersecurity/lapsus-microsoft-breach-ubisoft-samsung

Share this post