Hackers Post Images Showing probable Microsoft Breach

The same cybercriminal team that recently breached Nvidia shares a screenshot that suggests the hackers also gained access to Bing’s source code.

The hacking group that last month breached Nvidia now says it also infiltrated Microsoft, and the company is investigating.

The hacking group, called LAPSUS$, on Saturday briefly shared a screenshot that suggests that it gained internal access to projects relating to Microsoft’s Bing search engine and the company’s voice assistant Cortana.

LAPSUS$ has since taken the screenshot down from the group’s public chatroom. But copies of the image show that the hackers gained access to an account on Microsoft’s Azure DevOps, a product that helps computer programmers collaborate on coding projects together.

The screenshot also shows several folders in the account, one of which is titled “Bing-Source,” and says “The central project for storing all of Bing Source code.”

Another folder is titled “Cortana,” and says “The main Cortana project. Over time, all of Cortana-related code and work items should be managed via this project.”

Microsoft tells Motherboard: “We are aware of the claims and are investigating.”

It’s not clear why LAPSUS$ deleted the screenshot, but the post was likely a tease to gain publicity. The group has since written in its public chat group: “deleted for now will report later.”

If the hack is real, then LAPSUS$ is almost certainly looking to sell off any data it stole from Microsoft for a high price. Last month, the group said that it stole 1TB of data from Nvidia, including information on how to unlock a cryptocurrency-mining restriction on the company’s graphics cards. LAPSUS$ then tried to sell the cryptocurrency-mining bypass for $1 million.

The group also said that it would release confidential files about Nvidia’s hardware unless the company open-sourced all its GPU drivers. However, LAPSUS$ has yet to carry out the threat which could mean the hacking group never had such data, or that it’s been successfully selling off the information. Since then, the group has also claimed it hacked Samsung by dumping internal files from the Korean company.