The latest victim of Lapsus$ cybercrime may be Microsoft and authentication services provider Okta

Hacking group on the way to progress

An image with a lock representing cyber security

Darwin Laganzon’s photo from Pixabay

Cybercrime is the curse of the internet. Time and time again we have seen companies fall prey to hackers. T-Mobile was attacked last year, while Nvidia and Samsung came under threat more recently. Some of these breaches result in little or no data exposure, while others end up with potential loss of disruptive data. That may be the case in the latest settlements by Microsoft and popular authentication service provider Okta Inc.

As reported by Bleeping Computer, it appears that hacking group $Lapsus obtained data from Microsoft servers, extracting parts of the source code for Bing, Cortana, and other internal projects on Sunday. It appears that only parts of the source code have been leaked, as the hacking group published a torrent containing 9GB of data on Monday. Bleeping Computer supposedly has sources telling it that the group has a total of 37GB of Microsoft data in its possession, so there may be more to come. Microsoft is currently looking into these claims.


Meanwhile, Okta is investigating a possible hack after hacking group Lapsus$ posted screenshots on Telegram that purportedly show the company’s internal corporate environment, according to Reuters. Images, as seen in a tweet by independent security researcher Bill Demirkapi, suggest that $Lapsus may have gained access to a range of interfaces, including Okta Slack channels, the company’s VPNs, and a Cloudflare tenant, possibly with the ability to replay Employee appointment. passwords.

$Lapsus says its focus is solely on Okta customers, but the troubling part of the report is that the group claims to have had access to Okta’s systems for two months, which correlates with the date in the screenshots (it appears consistently on January 21, 2022). The situation becomes even more dire when you realize that Okta serves tens of thousands of customers around the world, including government agencies, universities, and well-known companies such as T-Mobile, Peloton, Sonos and FCC.

Despite the hype, Okta played down the incident in a statement to The Verge. Official Chris Hollis said the company discovered an attempt to hack a third-party customer support engineer working for one of its subprocessors in late January. However, it was investigated and contained and there has been no evidence of an ongoing attack since then. The report notes that the screenshots could be linked to the January incident.

Lapsus$ is a household name in the world of cybercrime. It hacked Nvidia’s intranet last month and stole a lot of sensitive data — including hashed login credentials and important trade secrets behind the company’s chips — that it threatened to reveal. The cyber gang also targeted Samsung earlier this month, scraping away vital information, such as biometric unlocking algorithms and the company’s source codes.

Samsung March 2022 security update available for more Galaxy devices globally

read the following

About the author