[BreachExchange] Microsoft may have been hit by the same hackers who went after NVIDIA

[Terrell Byrd]

https://www.windowscentral.com/microsoft-may-have-been-hit-same-hackers-who-went-after-nvidia

Well-known hacking group Lapsus$ claimed that it gained access to
Microsoft's internal systems, according to a report by Motherboard. Lapsus$
has stolen data from NVIDIA, Samsung, and other companies in the past. The
hacking group often demands ransom payments from the large corporations
that it infiltrates. A Microsoft spokesperson confirmed that it is looking
into the claim in a statement to Motherboard.

Lapsus$ differs from other hacking groups in several ways. The group does
not use ransomware. Instead, it steals data and then blackmails its
targets. Lapsus$ also makes unique demands to the organizations it goes
after. It threatened to, and later did, release NVIDIA's DLSS source code
after demanding that the company remove mining performance limits on its
RTX 30-series graphics cards.

On Sunday, March 20, 2022, Lapsus$ shared a screenshot of an internal
Microsoft developer account, according to Motherboard. The information was
posted on Lapsus$'s Telegram channel and then removed. "Deleted for now
will repost later," said Lapsus$ of the screenshot.

The image showed references to "Bing_UX," "Bing-Source," and "Cortana." It
also lists "mscomdev," "microsoft," and "msblox."

Motherboard highlights that Lapsus$ was looking for Microsoft employees and
insiders to share information earlier this month. "TO NOTE: WE ARE NOT
LOOKING FOR DATA, WE ARE LOOKING FOR THE EMPLOYEE TO PROVIDE US A VPN OR
CITRIX TO THE NETWORK, or some anydesk," said Lapsus$ in a message.

No demands to Microsoft from Lapsus$ have been spotted at this time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220321/c979d21b/attachment.html>