LAPSUS$ Hacking Group Leaks Microsoft Source Code and LG Accounts


LAPSUS$, the same hacking group that recently targeted Nvidia and Samsung, confirmed that they targeted Microsoft, as well as LG and Okta. The latter would give hackers access to 15,000 companies worldwide, including Peloton, Sonos and T-Mobile.

In the Microsoft attacks, the group claims to have stolen the source code not only of the Bing browser, but also of its mapping system and the Cortana assistant. Although El Chapuzas Informatico notes that the group admits that it has only managed to acquire 90% of the code for Bing Maps, while this number is around 45% for the code of Cortana and Bing itself. Torrents for both have been released, regardless.

As for LG, a “dump of all hashes for” company employee and department accounts has been leaked, and a “dump of LG’s infrastructure confluence will be released soon.” In the official chat announcement, the group mocks LG, “It might be a good idea to consider a new CSIRT team.”

LAPSUS$’s attack on Okta was proven by published screenshots, and security experts told Reuters they “really thought it was believable.” This is particularly troubling as it is one of the world’s leading authentication companies for thousands of businesses, universities, and government agencies around the world. I’m sure I don’t need to dwell on the kind of chaos this could cause, but as Reuters reports, Okta is currently investigating the security flaw.

“We believe the screenshots shared online are related to this January event,” Okta chief Chris Hollis said in a statement. “Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.”

Currently, thousands of businesses and countless customers are on high alert. Considering these are the same hackers who targeted Samsung and released 190GB of sensitive data, it’s safe to say that their threats aren’t empty.

Their recent attack on Nvidia sent shockwaves, with the hackers threatening to release a bypass of Nvidia’s hash rate limiter. The data stolen in these attacks was used to disguise the malware as GPU drivers, so you can imagine what LAPSUS$ and the rest of the malicious few are planning to do with Microsoft’s source code.


Comments are closed.