Microsoft source codes for Bing and Cortana stolen by the LAPSU$ group

3 min. read

Updated onMarch 23, 2022

updated onMarch 23, 2022

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Key notes

Supposedly, this hack is actually linked to the LAPSU$ group, which also conducted attacks on major companies such as Nvidia, Samsung, and Vodafone.

Evidence of what transpired was published on Twitter, in the form of screenshots showing a Telegram conversation and what appears to be an internal folder listing of Microsoft source code repositories.

The above-mentioned pictures indicate that the cybercriminals downloaded source codes of Cortana and several Bing services.

Microsoft unable to protect its own source code

UPDATE:Microsoft confirms the attackand says that the LAPSU$ group has expanded its scope in recent times to target a large number of corporate and individual entities all across the globe.

It normally utilizes phone-based social engineering, SIM-swapping, and bribing employees to gain access to multi-factor authentication (MFA) systems and internal systems.

Some of their other methods also include deploying password stealers, analyzing public code repositories to spot rogue credentials, and purchasing credentials from criminal forums.

You can think of the LAPSU$ group as a bit different because, unlike most such groups, this one tries to get a ransom for downloaded data from the companies that it attacked.

LAPSU$ may have downloaded the source code from what appears to be Bing, Bing Maps, and Cortana.

It is unclear at this point whether the full source codes have been downloaded by the attackers, and whether other Microsoft applications or services are included in the dump.

As source codes may contain valuable information, they can be analyzed for security vulnerabilities that other malicious third parties could exploit.

Lapsus$ has released what claimed to be some of the source codes for Bing, Bing Maps and Cortana.pic.twitter.com/ybntf4i7lq

Also possible is that these source codes include valuable items such as code signing certificates, access tokens, or API keys, which can also be leveraged.

That being said, the Redmond-based tech giant has a development policy in place thatactually stopsthe inclusion of such items.

After learning of what had just transpired, Redmond officials had this to say about it:

The search terms used by the actor indicate the expected focus on attempting to find secrets. Our development policy prohibits secrets in code and we run automated tools to verify compliance.

Even though the evidence is pretty compelling, there is still a lot of uncertainty as to what really happened between Microsoft and LAPSU$.

However, looking back and judging purely based on the hacking group’s track record, it is likely that the reported hack did actually occur.

The question of whether the downloaded data is valuable enough to get a ransom from Microsoft for not publishing it on the Internet is open for debate.

What is your opinion on the matter? Share your thoughts with us in the comments section below.

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Microsoft source codes for Bing and Cortana stolen by the LAPSU$ group#

Microsoft unable to protect its own source code#

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Microsoft source codes for Bing and Cortana stolen by the LAPSU$ group

Microsoft unable to protect its own source code