Hacker Group Lapsus$ Gained 'Limited Access' to Source Code, Microsoft Confirms

After conducting an investigation, Microsoft on Tuesday confirmed that the hacker group Lapsus$ compromised “a single account” and gained "limited access," presumably to the source code of some of its products.

However, it said that no customer code or data was involved in the observed activities.

Lapsus$, which Microsoft calls DEV-0537, has claimed to have hacked some of the world's largest technology companies, including Nvidia, LG, and Samsung. It also said it gained access to identity-management firm Okta Inc's systems.

In its blog post Microsoft claimed that its security teams have been actively tracking this "large-scale social engineering and extortion campaign against multiple organizations."

It said that its cybersecurity response teams quickly engaged the hackers mid-breach to shut it down and insisted that the leaked source code is not enough to compromise its applications.

Lapsus$ also appears to have shot itself in the foot by publicly disclosing their attack on Microsoft.

"Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion. This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact," said Microsoft.

According to Microsoft's investigation, the group uses social engineering to gather knowledge about their target’s business operations. It is also known to pay employees at these organisations or its business partners for access to credentials.