The Lapsus$ hacking group claims it has struck Microsoft, and leaked 37GB of source code data it purports to have stolen from the computer giant.
In a post on its Telegram channel, the hacking group posted a screenshot which indicated that it had hacked Microsoft’s Azure DevOps server, which contained the source code for Bing, Cortana, and other internal projects.
Not long after the screenshot was shared, Lapsus$ posted a torrent link for a 9GB 7zip archive, which it claimed had the source code for more than 250 of Microsoft’s projects. The group also purported that the zip file contained 90% of the source code of Bing, Microsoft’s web browser, and had 45% of Bing Maps and Cortana, Microsoft’s virtual assistant app.
Security researchers told BleepingComputer that the files appear to be legitimate Microsoft internal source code. The tech news website was also informed that some of the leaked projects included emails and documentation that were clearly used by Microsoft engineers to publish mobile apps.
Microsoft is far from the only high-profile target the Lapsus$ gang has targeted in recent times. Two weeks ago, the group claimed responsibility for the “cyber incident” that affected game developer Ubisoft, which forced the company to do a "company-wide password reset” as a precaution.
Lapsus$ was also the hacking group responsible for the cyberattack against Samsung Electronics earlier this month. Much like the recent Microsoft incident, the group leaked a 90GB cache of confidential data from the Korean electronics firm – the leaked data included source code for some of Samsung’s devices and servers, as well as authentication technology.