PC Gamer is supported by its audience. When you buy through links on our site, we may earn an affiliate commission. Learn more
By published
Thousands of companies and customers are now on high alert.
Update: Microsoft confirmed the attack in a post last night, noting that it occurred after one of its employee’s accounts was compromised by Lapsus$.
«No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity,» the post reads.
Microsoft then goes on to lay out the groups tactics in detail, and ways to prevent against similar threat actors, so the post is worth a read if you’re looking to tighten up security.
Original story: LAPSUS$, the same hacking group that targeted Nvidia and Samsung of recent, has confirmed it has targeted Microsoft, as well as LG and Okta. The latter would give the hackers access to 15,000 companies worldwide, including Peloton, Sonos and T-Mobile.
In the Microsoft attacks, the group claims to have stolen the source code for not only Bing browser, but also its mapping system and the Cortana assistant. Though El Chapuzas Informatico notes that the group admits it only managed to acquire 90% of the code for Bing Maps, whereas that number sits at around 45% for the code for Cortana and Bing itself. Torrents for both have been released, regardless.
As for LG, a «dump of all hashes for» the company’s employee and service accounts has been leaked, and a «dump of LGs infrastructure confluence will be released soon.» In the official chat announcement, the group taunts LG: «Might be a good idea to consider a new CSIRT team.»
LAPSUS$’s attack on Okta has been proven with released screenshots, and security experts told Reuters they «definitely do believe it is credible.» This is particularly troubling since it’s one of the world’s leading authentication companies for thousands of companies, universities, and government agencies across the globe. I’m sure I don’t need to stress the kind of chaos that could cause, but as Reuters reports, Okta is looking into the security breach now.
«We believe the screenshots shared online are connected to this January event,» Okta official Chris Hollis said in a statement. «Based on our investigation to date, there is no evidence of ongoing malicious activity beyond the activity detected in January.»
Best CPU air coolers: CPU fans that don’t go brrr.
Right now, thousands of companies, and countless customers, are on high alert. Since these are the same hackers that targeted Samsung, and released 190GB of sensitive data, it’s safe to say their threats are not empty.
Their recent attack on Nvidia sent shockwaves, with the hackers threatening to release a bypass of Nvidia’s hash rate limiter. Data stolen from those attacks was used to disguise malware as GPU drivers, so you can imagine what LAPSUS$ and the rest of the malicious few plan to do with Microsoft’s source code.
Screw sports, Katie would rather watch Intel, AMD and Nvidia go at it. She can often be found admiring AI advancements, sighing over semiconductors, or gawping at the latest GPU upgrades. She’s been obsessed with computers and graphics since she was small, and took Game Art and Design up to Masters level at uni. Her thirst for absurd Raspberry Pi projects will never be sated, and she will stop at nothing to spread internet safety awareness—down with the hackers.
Sign up to get the best content of the week, and great gaming deals, as picked by the editors.
Thank you for signing up to PC Gamer. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.
PC Gamer is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.
© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.
