Hacking Group Claims to Leak Microsoft Source Code


Missed a Data Summit session? Watch on demand here.

A malicious actor who previously stole and leaked data from Nvidia and Samsung now claims to have posted Microsoft source code for Bing, Bing Maps and Cortana on his Telegram channel.

The threat actor, Lapsus$, which is believed to be operating in South America, posted the claim on Telegram at 6:17 p.m. PST Monday.

On Sunday, Lapsus$ had posted a screenshot that it claimed was from Microsoft’s source code repositories, including for Bing and Cortana.

The group claimed to have accessed the repositories by hacking into an Azure DevOps server. The screenshot was later deleted without explanation. “I’ll repost later,” the band said.

In response, Microsoft released a statement saying the company was investigating the allegations.

Monday’s new Telegram message includes a 483KB file, which Lapsus$ claims contains some source code for Microsoft’s Bing search engine, Bing Maps service and virtual assistant Cortana. The group suggested the file includes 90% of the Bing Maps data it claims to have stolen and 45% of the Bing and Cortana data it claims to have stolen. “Enjoy everyone!” the post reads.

VentureBeat reached out to Microsoft to comment on Lapsus$’s latest claims.

“Given the lack of denials from former Microsoft and $Lapsus victims, their claims are not entirely implausible,” Emsisoft threat analyst Brett Callow said in a message to VentureBeat. “The gang appears to be somewhat disorganized, which could indicate that they are relatively inexperienced – and that makes their ability to hit big business somewhat surprising.”

Screenshot of Lapsus $ Telegram channel

Over the past month, vendors such as Nvidia and Samsung Electronics have confirmed data theft by the threat actor. On March 1, for example, Nvidia said that “we are aware that the threat actor has taken employee credentials and certain Nvidia proprietary information from our systems and has begun leaking it online.”

The data stolen from Nvidia allegedly included graphics card designs and source code for DLSS, an AI rendering system.

Experts said Lapsus$’s motives were unclear, given the lack of financial demands in the past.

VentureBeat’s mission is to be a digital public square for technical decision makers to learn about transformative enterprise technology and conduct transactions. Learn more


Comments are closed.