Microsoft confirmed a cyberattack by criminal group Lapsus$. Source code was captured.

In a post on its security blog, Microsoft explains the extent of Lapsus$’s access to its systems. A single account was compromised. In its own words, Microsoft’s quick discovery limited the attack’s damage.

The hackers managed to steal source code. No customer data was compromised. Microsoft doesn’t elaborate on the exact source code stolen. Furthermore, the tech giant doesn’t find source code leaks to be of significant risk.

Last Sunday, Lapsus$ laid claim to the newly confirmed attack. The criminal group said it had stolen the source code of Bing, Bing Maps and Cortana. The haul reportedly totals 37GB of data originating from an internal Azure DevOps server.

Lapsus$ background

Microsoft sees Lapsus$ as atypical because they tend to seek publicity for attacks. They also hardly ever cover their tracks. The criminals target organizations in both the public and private sector. Owners of crypto-currencies are of interest as well.

The criminal group exploits an extortion and destruction model without deploying ransomware payloads. They often resort to sim-swapping, paying employees and vendors for access to corporate systems, and hacking the email accounts of employees in target companies.

Recent activity

Lapsus$ is responsible for several recent cyberattacks. The group captured data from Nvidia and Samsung. Reportedly, authentication specialist Okta has been hit as well.