Microsoft confirms hacker group Lapsus$ breached its programs

The software program large had been monitoring the actions of Lapsus$ — which it labels a “large-scale social engineering and extortion campaign” — for a number of weeks and offered some particulars on the strategies of its assaults in a weblog submit late Tuesday. Lapsus$ had beforehand breached the cybersecurity defenses of Nvidia Corp. and Samsung Electronics Co., and this week additionally claimed to have gained entry to the system privileges of Okta, the San Francisco-based firm that manages person authentication providers for 1000’s of company shoppers.

“Our investigation has found a single account had been compromised, granting limited access,” Microsoft mentioned. “Our cybersecurity response teams are quickly engaged to remediate the compromised account and prevent further activity. Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.”

The hacking group, which has been given the designation DEV-0537 by Microsoft’s cybersecurity researchers, has been increasing the geographic vary of its targets and going after authorities organizations in addition to the tech, telecom and health-care sectors, in line with the weblog submit . They are additionally recognized for hijacking cryptocurrency accounts, Microsoft mentioned.

Lapsus$ has made claims on social media that it is infiltrated a number of massive tech corporations in addition to Microsoft. Its Telegram channel was first to announce the Microsoft and Okta breaches this week and likewise included point out of breaching worker accounts of LG Electronics Inc.

“Unlike most activity groups that stay under the radar, DEV-0537 doesn’t seem to cover its tracks,” mentioned Microsoft, based mostly in Redmond, Washington. “They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations.”