Not even the giants escape! – CNN Portugal
When everything indicated that the weekend was going to be calm and I was walking through Beira de Portugal with the family, behold, I jump in the car seat at nothing more than a pop-up on my phone screen. I look at my Twitter and in seconds I frown, and I remember a motto I read a few years ago that said: “it’s time to go to the Cloud”. With the family asleep, I stop at the gas station to look at the phone and say out loud, only to myself: “But what is this? This is the attack of the year, or perhaps even of the last few years.”
I click on the notification, save the alleged ones, and quickly this message is replaced by a proof, reposted later.
Without further ado, and according to the social networks of the hacker group Lapsus, Microsoft was allegedly hacked by this group. When I say that Microsoft was allegedly hacked, I do not mean as a whole but in a small part, though no less significant, because it is a DevOps account on Microsoft’s own Azure. Small in size but colossal in repercussions.
Figure 1 – Source: Lapsus Telegram Group
According to the images shared, and these are indeed important, this is a very important Microsoft account, one of many for sure, but the one where extremely important projects like Bing and Cortana are kept. If this turns out to be almost one, not everyone knows what to write. Microsoft has a public strategy of migration to the cloud and is a technology leader in this sector; it has in its portfolio the second entity of Cloud services in the world, Azure, which holds 20% of the world’s share of this market, in a business that globally represents 300 billion dollars.
Figure 2 – Source: Lapsus Telegram Group
The damage to the prestige of this company is impossible to calculate: it fights toe-to-toe with AWS and keeps its cloud service as its revenue hope for years to come.
Looking carefully at the details in the image of this possible leak, which I transcribe below, a series of names immediately stand out: for their size, for the indication that the totality of the source code is available and, in one particular case and in my humble critical opinion, Microsoft’s personal assistant Cortana, that element always listening for voice commands.
- Bing_STC-SV: The project contains the source code for several Bing engineering projects in the Silicon Valley office
- Bing_Test_Agile: This is the test project for Bing using the Agile model.
- Bing_UX: Bing.com frontend (SNR) and other related UX codebase
- Bing Cubator
- Bing Source Code: The central project for storing all of the Bing source code.
- Compliance_Engineering: Project of the WebXT Compliance Engineering team.
- Cortana: The main Cortana project, its related code, and work items.
- creative creation
This entire list contains projects that have actually been breached or had their source code compromised, so the damage done to Microsoft, and to the future of its entire strategy, is incalculable. It is a punch in the stomach of one of the biggest companies in the world, whose objective is to take as many companies in the world as possible to the cloud.
But who is this Lapsus group and what do they want? For those who do not know them, they were held responsible for the attack on Impresa and, more recently, were even the perpetrators of the attack on Vodafone. They are a ransomware group, one of many that now exist out in the world, with links in various latitudes but above all, as has more recently become known, with immense hosts in Russia.
The group aims at the theft of code and digital certificates, a nightmare that can have unimaginable consequences for the entities that lose this code and for their customers. In the case of the digital wallet, if the Microsoft certificate components (HSM) were identified as one of the projects on the list, this can be the springboard from which to jump to the vault, Microsoft’s security component, and then to other attacks across the globe. If the question at the moment is “how?”, singling out one of the many possibilities, I highlight that of digitally signing their own code so that it stops being a stranger to the systems it enters, defeating the defenses it finds, as was done in the attack on Nvidia, when two signing certificates were compromised.
This is probably a group that is an agglomeration of several that operate, inevitably, from Russian territory, but which are quickly predicted to not exist as dangerous and to be feared. Lapsus is starting to show what is coming, and to show that the entire computing industry is a veritable Swiss cheese in benchmarks, in KPI infrastructure and in effective knowledge of computer security.
It is the concern and perhaps behind the smokescreen that is Ukraine, this group reveals itself at the origin and, given the targets it chooses, the complexity of its attacks, what it seeks to extract and above all for the war, the way it chooses to relate in a joking tone to what it is doing. Anyone who thinks they are amateurs or that they are just children is wrong. Anyone who thinks this group is civilian is mistaken. It is wrong to think that this stops here, because in the list above is the source code of Bing which, like its counterpart Google, knows a lot about everyone’s lives.