After gaining access to Microsoft’s Azure DevOPS source code repositories, a South American data extortion group of hackers named Lapsus$ has just published fraction of Microsofts’ internal files online.
Allegedly Lapsus$ group has acquired 37GB in total of MIcrosoft’s internal source code.
To prove their claims and to confirm the hack of Microsoft servers, the Lapsus$ group has posted a screenshot of Microsoft’s Azure DevOps account on Telegram channel. Breached data includes the source code of Bing, Cortana and some other internal company projects.
According to the Lapsus$ group, the source code that was posted on torrent is compressed and is 9GB in size and contains 90% of the Bing source code and 45% of the source code of Bing Maps and Cortana. Security researchers have analyzed the leaked source gode and have confirmed that the leaked file are legitimate source code of the company and that uncompressed size is 37GB.
It is still unknown how the Lapsus$ group has managed to breach into Microsofts’ source code repositories, but security researchers believed they had help from the inside. Even though Microsoft was the latest victim of Lapsus$, this hacking groups has also successfully attacked Nvidia, Ubisoft, Vodafone, Samsung and Mercado Libre companies.
Lapsus$ also has many followers on Telegram where they are actively recruiting company employees to get insider access. They are also using Telegram to announce new leaks and attacks for self-promotion purposes.