The hacker group Lapsus$ has hacked Microsoft. Hackers have now released the source code for the Bing search engine, Cortana language assistant, and other Microsoft products.
Early on Sunday morning, hacker group Lapsus$ posted a screenshot on their Telegram channel, which was said to show that they had hacked the US technology group Microsoft.
Hackers are said to have gained access to a Microsoft developer account and stole the source code of several Microsoft products – including the Bing search engine, Cortana language assistant, and other internal projects.
Security researchers confirm the validity of the published data
On Monday night, the group then released a 9GB archive file that was said to contain the source code for more than 250 of the US company’s projects. Hackers claim that this is about 90 percent of Bing and about 45 percent of Bing Maps and Cortana code.
As reported by the online magazine Bleeping Computer, security researchers have confirmed that these are legitimate files from Microsoft. According to experts, there are also several internal projects, emails and documents that are said to have come from the engineers in the group.
At the request of Bleeping Computer, Microsoft confirmed the cyber attack and announced that the incident is currently under investigation and the severity of the hack is being determined.
More high-level goals
Microsoft isn’t the first high-profile target set by $Lapsus. The group specializes in attacking company servers with malware in order to gain access to company systems.
Once the group obtains sensitive data, the companies involved are blackmailed and victims are threatened with the release of internal data. In the past, hackers have already hacked Samsung, Ubisoft and also Nvidia and as a result they were able to get secret codes.
Experts assume that cyber attacks are due to insider knowledge from the companies themselves. According to Windows Central, the hacker group will focus on hiring employees of technology companies who have the necessary knowledge and access rights to access sensitive data.