Earlier this week, a relatively new hacker group called Lapsus$ claimed to have obtained source code for a variety of Microsoft products, which it then shared with its followers. Today, Microsoft confirmed that the Lapsus$ attack was real, and that a small portion of source code was obtained by the attackers. However, Microsoft denied that there's any danger associated with this particular attack.

For one thing, only a single account on Microsoft's side was compromised, and it had limited access to only some files. Microsoft's security team was already looking into this specific account prior to the attack based on threat intelligence, so it was able to respond quickly. Microsoft says it managed to stop the attackers mid-operation, so it prevented more data from being accessed and disclosed.

As you might have expected, the data only included source code for some apps and services, such as Bing and Cortana, and no customer data was exposed as a result of the attack. Microsoft also says that the secrecy of its code isn't considered a security measure, and thus, having that code made visible to the general public doesn't result in any kind of additional risk for users.

With that being said, Microsoft says it has been tracking Lapsus$ due to their recent attacks on various companies, including Samsung, whose source code for Galaxy phones was exposed this way. While this particular attack against Microsoft doesn't pose any danger to customers, businesses and users should still be wary of other harmful attempts in the future. Microsoft recommends enforcing multifactor authentication (MFA), using passwordless authentication methods when possible, and making sure passwords aren't easy to guess. Additionally, Microsoft says to avoid using MFA methods such as SMS messaging or simple pop-up prompts.

According to Microsoft, Lapsus$ relies on purchasing authentication credentials from corporate insiders and underground online forums, as well as searching public repositories and the Redline password stealer to help carry out these attacks. Strong MFA enforcements should greatly reduce the risk for businesses and their customers.


Source: Microsoft