Lapsus$, the notorious hacker group, is said to have hijacked some of the world’s biggest tech companies, including Microsoft, Nvidia, Ubisoft, Samsung, and Okta.
As per reports, the hacking group on Monday released a 9GB compressed archive of files, claiming it contains source code for some of Microsoft’s major projects, including Bing, Cortana, and a few others, from the internal Azure DevOps server.
Microsoft, in a detailed cybersecurity blog post, confirmed that its systems had been breached by the hacker group. “No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity. Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk,” Microsoft said, acknowledging the issue.
While the South America-based hacker group is known for posting hacking details publicly on social platforms, in the latest incident the Lapsus$ group is said to have called Microsoft’s help desk, trying to convince the support personnel to ‘reset privileged account credentials.’ The group used a native English-speaking caller to speak to the support personnel. “Since many organizations outsource their help desk support, this tactic attempts to exploit those supply chain relationships, especially where organizations give their help desk personnel the ability to elevate privileges,” says Microsoft.
As tech companies try to track the group’s activities, the mastermind behind the hacks has, surprisingly, turned out to be a teenager who is said to carry out the hacking from the comfort of his home in England. As per a Bloomberg report, a 16-year-old English boy is believed to be behind most of the intrusions. According to the report, “researchers investigating the hacking group Lapsus$ on behalf of companies that were attacked” are also investigating a Brazilian teenager, and believe there are at least seven members in the hacker group. The researchers didn’t disclose the details, although they did mention that they were able to identify the teens because “the group suffers from poor operational security”.
In this regard, Microsoft has released a set of recommendations for other organisations, which are as follows:
- Require Multifactor Authentication for all users coming from all locations, including perceived trusted environments, and all internet-facing infrastructure, even those coming from on-premises systems.
- Leverage more secure implementations such as FIDO Tokens, or the Microsoft Authenticator with number matching. Avoid telephony-based MFA methods to avoid risks associated with SIM-jacking.
- Use Azure AD Password Protection to ensure that users aren’t using easily-guessed passwords. Our blog about password spray attacks outlines additional recommendations.
- Leverage passwordless authentication methods such as Windows Hello for Business, Microsoft Authenticator, or FIDO tokens to reduce risks and user experience issues associated with passwords.