• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Microsoft Also Falls Victim to Hacking Group LAPSUS$

Joined
Mar 31, 2020
Messages
1,519 (1.04/day)
The hacking group LAPSUS$ responsible for the recent NVIDIA and Samsung compromises has now allegedly breached Microsoft systems gaining access to the source code for Bing and Cortana. The group temporarily published a screenshot of what looked to be an internal Microsoft developer account with access to folders labeled "Bing_UX", "Bing-Source", and "Cortana" in addition to various other sections. The group had previously posted a message seeking to recruit employees at Microsoft, Apple, and IBM to get remote access to companies systems. Microsoft has confirmed in a statement to Motherboard that they "are aware of the claims and are investigating".

Update Mar 23rd: The hackers have now published a 9 GB torrent file which includes data from over 250 Microsoft projects including 90% of the source code for Bing, and approximately 45% of the source code for Bing Maps and Cortana according to security researchers speaking with BleepingComputer.



View at TechPowerUp Main Site | Source
 

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
46,283 (7.69/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
TF, if they could breach security of tech firms with such ease, big banks with trillions of dollars in AUM, which use third-party cybersec firms, are screwed.

I know, Evilcorp, Allsafe, Mr Robot. We are living in a meme world where all that is possible.
 
Joined
Oct 16, 2018
Messages
954 (0.48/day)
Location
Uttar Pradesh, India
Processor AMD R7 1700X @ 4100Mhz
Motherboard MSI B450M MORTAR MAX (MS-7B89)
Cooling Phanteks PH-TC14PE
Memory Crucial Technology 16GB DR (DDR4-3600) - C9BLM:045M:E BL16G36C16U4W.M16FE1 X2 @ CL14
Video Card(s) XFX RX480 GTR 8GB @ 1408Mhz (AMD Auto OC)
Storage Samsung SSD 850 EVO 250GB
Display(s) Acer KG271 1080p @ 81Hz
Power Supply SuperFlower Leadex II 750W 80+ Gold
Keyboard Redragon Devarajas RGB
Software Microsoft Windows 10 (10.0) Professional 64-bit
Benchmark Scores https://valid.x86.fr/mvvj3a
TF, if they could breach security of tech firms with such ease, big banks with trillions of dollars in AUM, which use third-party cybersec firms, are screwed.

I know, Evilcorp, Allsafe, Mr Robot. We are living in a meme world where all that is possible.
My feeling is that it's insider information from disgruntled ex/employees that is the biggest security threat to these Companies
 
Last edited:
Joined
Aug 20, 2007
Messages
20,714 (3.41/day)
System Name Pioneer
Processor Ryzen R9 7950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage 2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches
Software Windows 11 Enterprise (legit), Gentoo Linux x64
I know, Evilcorp, Allsafe, Mr Robot. We are living in a meme world where all that is possible.
Only for companies that don't take security seriously enough.

Yes, Microsoft is one of them. Hacking isn't a magic key.
 
Joined
Nov 18, 2010
Messages
7,109 (1.46/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor AMD RYZEN 9 5950X
Motherboard ASUS Strix X570-E
Cooling 2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory 4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s) Sapphire Pulse RX 7900XTX + under waterblock.
Storage Optane 900P[W11] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO[FEDORA]
Display(s) Philips PHL BDM3270 + Acer XV242Y
Case Lian Li O11 Dynamic EVO
Audio Device(s) Sound Blaster ZxR
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer BlackWidow V3 - Yellow Switch
Software FEDORA 39 / Windows 11 insider
All those products are kinda canned. Especially Cortana development. It ceased to develop for two years ago. Microsoft kinda agreeing defeat with Amazon Alexa and Google Home. Many features are cut down and stripped.

If that is the only thing... then meh... leaks from Microsoft happen VERY often, without any hacker help.
 

Mussels

Freshwater Moderator
Staff member
Joined
Oct 6, 2004
Messages
58,413 (8.21/day)
Location
Oystralia
System Name Rainbow Sparkles (Power efficient, <350W gaming load)
Processor Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard Asus x570-F (BIOS Modded)
Cooling Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory 2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s) Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage 2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s) Phillips 32 32M1N5800A (4k144), LG 32" (4K60) | Gigabyte G32QC (2k165) | Phillips 328m6fjrmb (2K144)
Case Fractal Design R6
Audio Device(s) Logitech G560 | Corsair Void pro RGB |Blue Yeti mic
Power Supply Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse Logitech G Pro wireless + Steelseries Prisma XL
Keyboard Razer Huntsman TE ( Sexy white keycaps)
VR HMD Oculus Rift S + Quest 2
Software Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores Nyooom.
TF, if they could breach security of tech firms with such ease, big banks with trillions of dollars in AUM, which use third-party cybersec firms, are screwed.

I know, Evilcorp, Allsafe, Mr Robot. We are living in a meme world where all that is possible.
They can literally put up ads in places saying "work for big tech? We'll pay big dollars for info" and frikkin advertise that they want you to sell out


This may delve into politics but the US is a country that has lots of people in debt for various reasons, some of them get desperate and would absolutely 'open an innocent email' on a work PC for a bitcoin
 
Joined
Jul 5, 2013
Messages
25,559 (6.52/day)
The hacking group LAPSUS$ responsible for the recent NVIDIA and Samsung compromises has now allegedly breached Microsoft systems gaining access to the source code for Bing and Cortana.
I'm really starting to like these people..
Whats their demands- stop telemetery, advertisements on windows?
Sure, why not! Seems reasonable.
but the US is a country that has lots of people in debt for various reasons,
Not any more or less than anywhere else. For example, I have no debt to speak of.
 
Joined
Mar 20, 2019
Messages
556 (0.30/day)
Processor 9600k
Motherboard MSI Z390I Gaming EDGE AC
Cooling Scythe Mugen 5
Memory 32GB of G.Skill Ripjaws V 3600MHz CL16
Video Card(s) MSI 3080 Ventus OC
Storage 2x Intel 660p 1TB
Display(s) Acer CG437KP
Case Streacom BC1 mini
Audio Device(s) Topping MX3
Power Supply Corsair RM750
Mouse R.A.T. DWS
Keyboard HAVIT KB487L / AKKO 3098 / Logitech G19
VR HMD HTC Vive
Benchmark Scores What's a "benchmark"?
Oh no, so horrible! Is there a petition I can sign to give Microsoft a bunch of public money to ease their hardship?
I'm really starting to root for the likes of LAPSUS$.
 
Joined
Sep 17, 2014
Messages
20,781 (5.97/day)
Location
The Washing Machine
Processor i7 8700k 4.6Ghz @ 1.24V
Motherboard AsRock Fatal1ty K6 Z370
Cooling beQuiet! Dark Rock Pro 3
Memory 16GB Corsair Vengeance LPX 3200/C16
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Samsung 850 EVO 1TB + Samsung 830 256GB + Crucial BX100 250GB + Toshiba 1TB HDD
Display(s) Gigabyte G34QWC (3440x1440)
Case Fractal Design Define R5
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse XTRFY M42
Keyboard Lenovo Thinkpad Trackpoint II
Software W10 x64
Joined
Feb 20, 2019
Messages
7,194 (3.86/day)
System Name Bragging Rights
Processor Atom Z3735F 1.33GHz
Motherboard It has no markings but it's green
Cooling No, it's a 2.2W processor
Memory 2GB DDR3L-1333
Video Card(s) Gen7 Intel HD (4EU @ 311MHz)
Storage 32GB eMMC and 128GB Sandisk Extreme U3
Display(s) 10" IPS 1280x800 60Hz
Case Veddha T2
Audio Device(s) Apparently, yes
Power Supply Samsung 18W 5V fast-charger
Mouse MX Anywhere 2
Keyboard Logitech MX Keys (not Cherry MX at all)
VR HMD Samsung Oddyssey, not that I'd plug it into this though....
Software W10 21H1, barely
Benchmark Scores I once clocked a Celeron-300A to 564MHz on an Abit BE6 and it scored over 9000.
If Bing and Cortana die a horrible death because of this I will be very pleased.
Microsoft deserve all the bile and vitriol they've earned with those two words.
 
Joined
Jul 10, 2017
Messages
2,671 (1.09/day)
TF, if they could breach security of tech firms with such ease, big banks with trillions of dollars in AUM, which use third-party cybersec firms, are screwed.

I know, Evilcorp, Allsafe, Mr Robot. We are living in a meme world where all that is possible.
You didn't pay enough attention to the series, I see? Even there, hackers exploited the weakest link first - humans.

You probably won't believe how easy is to 'hack' a person. Social engineering is the greatest tool for every hacker and group.
 
Joined
Jan 24, 2022
Messages
456 (0.57/day)
Maybe they'll be kind enough to create a proggy called "Kill Cortana" that actually works.
Ever heard of winget uninstall cortana? Yeah, that works.

If Bing and Cortana die a horrible death because of this I will be very pleased.
Microsoft deserve all the bile and vitriol they've earned with those two words.
Being cynical. Hip with the techies, isn't it. You guys just looove to whine about every single thing. I've personally used Bing and it's not all that bad considering services like DDG also use it. But I'll give you that for Cortana, never liked her and promptly destroyed her from my machine, the only preinstalled thing I remove.

Whats their demands- stop telemetery, advertisements on windows?
Want to stop telemetry, to have privacy, all that stuff? You're not safe even if you don't use Windows. Kindly unplug your ethernet cable and ditch your ISP. You're not safe even then. Tracking exists in the form of SIM cards, credit cards, and a plethora of others.

And you live in a capitalist dystopia. Like it or not, you're going to get advertisements. Personally it took me less than 30 seconds to unpin all that stuff from the start menu in Windows 11 (which isn't even installed unless you click on it - they're basically shortcuts) and replace them with my own stuff. Do consider this - some people use those.

Despite how much I paid for Windows and despite the advertisements it comes with, I can easily remove them, it does not affect performance, they do not come back after a feature update, and it's still the best OS I've ever used having tried Linux on bare metal for months. I still regret doing that to this day. Their user base still has me convinced they crawl straight out of the 10th circle of hell.

Ads in explorer, I hear you furiously typing? Those are tips and tricks to remind ignorant idiots to back up their files once in a while. Or they're promotions for MS's other products that some people might find useful. Power users can simply dismiss those. But God forbid Microsoft promotes their own products in their own OS. Apple does it too but who gives a shit about that, huh. Only when MS does anything do people huff and puff their rage out.

I've been living a much more relaxed and productive life once I stopped trying my futile attempts to block corporations tracking me. I sadly can't do anything about it, so why should I care anymore.

I'm really starting to root for the likes of LAPSUS$.
Bad idea. You don't know the ulterior motives of these pricks.

I've legitimately seen the same regurgitated thoughts about Microsoft in just about every single thread. This is comparative to the standard horde hate of Epic, for example. Yes, we get it, you have a hate boner for Microsoft. How long are you gonna go out announcing it to the world until you're satisfied, and turning threads into pointless debates?

Anyway, the time for dispelling my pent up emotions is over and I'd suggest you check out line two of my signature before you bother to reply. Who are these LAPSUS$, some new cool kids on the block? Thinking they're big shit going around hacking everyone? Well they're not impressing me. Take down the entire Fortune 500 list and we'll talk. Maybe not even then. I can never sympathize with hacker groups.
 
Last edited:
Joined
Jul 5, 2013
Messages
25,559 (6.52/day)
If Bing and Cortana die a horrible death because of this I will be very pleased.
You are FAR from alone in that opinion. Bing is a pathetic search engine. AltaVista was better 20 years ago than Bing is now. I won't start in on Cortana as I'm sure none of you want to read that rant again...

Maybe they'll be kind enough to create a proggy called "Kill Cortana" that actually works.
CCleaner has an uninstall function that work perfectly.
 
Joined
Feb 20, 2019
Messages
7,194 (3.86/day)
System Name Bragging Rights
Processor Atom Z3735F 1.33GHz
Motherboard It has no markings but it's green
Cooling No, it's a 2.2W processor
Memory 2GB DDR3L-1333
Video Card(s) Gen7 Intel HD (4EU @ 311MHz)
Storage 32GB eMMC and 128GB Sandisk Extreme U3
Display(s) 10" IPS 1280x800 60Hz
Case Veddha T2
Audio Device(s) Apparently, yes
Power Supply Samsung 18W 5V fast-charger
Mouse MX Anywhere 2
Keyboard Logitech MX Keys (not Cherry MX at all)
VR HMD Samsung Oddyssey, not that I'd plug it into this though....
Software W10 21H1, barely
Benchmark Scores I once clocked a Celeron-300A to 564MHz on an Abit BE6 and it scored over 9000.
Being cynical. Hip with the techies, isn't it. You guys just looove to whine about every single thing. I've personally used Bing and it's not all that bad considering services like DDG also use it.
Bing works just fine. It's not as effective as Google and I don't personally like it but it does at least work and people who prefer the way Yahoo indexes the 'net over Google do still exist.

No, the hate for Bing is the way Microsoft shove it down everyone's throat relentlessly, illegally, and despite multiple efforts from users/sysadmins/developers to workaround the behaviour. Bing is tied to Edge, and Edge is part of windows whether you want it to be or not. Even with third party apps installed to quell the tide of Bing and Edge, Microsoft will ignore your efforts at some point with an update and replace your choices with Edge, Bing, remind you to use a Microsoft Account, and re-enable all the telemetry options you opted out of multiple times already.

Most of the current antitrust lawsuits against Microsoft are to do with search engine choice, browser choice, and Microsoft are currently being subpoena'd in two international jurisdictions for failure to comply with the courts.
 
Joined
Dec 30, 2010
Messages
2,082 (0.43/day)
TF, if they could breach security of tech firms with such ease, big banks with trillions of dollars in AUM, which use third-party cybersec firms, are screwed.

I know, Evilcorp, Allsafe, Mr Robot. We are living in a meme world where all that is possible.

So far this looks like a dev account from some developer, social engineering, phishing or just reckless with his or their code, that gained access.

Still does'nt prove the systems of MS itself "got" hacked. But with access to source code, you might as well look for backdoors now on Bing for example.
 
Joined
Apr 24, 2008
Messages
1,870 (0.32/day)
Processor RyZen R9 3950X
Motherboard ASRock X570 Taichi
Cooling Coolermaster Master Liquid ML240L RGB
Memory 64GB DDR4 3200 (4x16GB)
Video Card(s) RTX 3050
Storage Samsung 2TB SSD
Display(s) Asus VE276Q, VE278Q and VK278Q triple 27” 1920x1080
Case Zulman MS800
Audio Device(s) On Board
Power Supply Seasonic 650W
VR HMD Oculus Rift, Oculus Quest V1, Oculus Quest 2
Software Windows 11 64bit
If it were source code for Office and Windows that might be a bit more concerning (for Microsoft) but Bing and Cortana,….meh. No one cares about Bing and Cortana.
 
Joined
Feb 20, 2020
Messages
9,162 (6.11/day)
Location
Louisianna
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
Hi,
Not using win-11 :eek:

Not tough to find a insider microsoft loves the h-b1 program.
 
Joined
Dec 16, 2017
Messages
2,722 (1.19/day)
Location
Buenos Aires, Argentina
System Name System V
Processor AMD Ryzen 5 3600
Motherboard Asus Prime X570-P
Cooling Cooler Master Hyper 212 // a bunch of 120 mm Xigmatek 1500 RPM fans (2 ins, 3 outs)
Memory 2x8GB Ballistix Sport LT 3200 MHz (BLS8G4D32AESCK.M8FE) (CL16-18-18-36)
Video Card(s) Gigabyte AORUS Radeon RX 580 8 GB
Storage SHFS37A240G / DT01ACA200 / WD20EZRX / MKNSSDTR256GB-3DL / LG BH16NS40 / ST10000VN0008
Display(s) LG 22MP55 IPS Display
Case NZXT Source 210
Audio Device(s) Logitech G430 Headset
Power Supply Corsair CX650M
Mouse Microsoft Trackball Optical 1.0
Keyboard HP Vectra VE keyboard (Part # D4950-63004)
Software Whatever build of Windows 11 is being served in Dev channel at the time.
Benchmark Scores Corona 1.3: 3120620 r/s Cinebench R20: 3355 FireStrike: 12490 TimeSpy: 4624
Not true, Edge can be forcibly removed. Easily too!
Eh, we're talking more about a "uninstall Edge" button that should come with Windows, and actually uninstall Edge (or at least pull a Windows features and disable it system wide). Not something we have to dig out through PowerShell or by using a third-party application.
 
Joined
Feb 20, 2020
Messages
9,162 (6.11/day)
Location
Louisianna
System Name Ghetto Rigs z490|x99|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor 10900k w/Optimus Foundation | 5930k w/Black Noctua D15
Motherboard z490 Maximus XII Apex | x99 Sabertooth
Cooling oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block | Blk D15
Memory Trident-Z Royal 4000c16 2x16gb | Trident-Z 3200c14 4x8gb
Video Card(s) Titan Xp-water | evga 980ti gaming-w/ air
Storage 970evo+500gb & sn850x 4tb | 860 pro 256gb | Acer m.2 1tb/ sn850x 4tb| Many2.5" sata's ssd 3.5hdd's
Display(s) 1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case D450 | Cherry Entertainment center on Test bench
Audio Device(s) Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply EVGA 1000P2 with APC AX1500 | 850P2 with CyberPower-GX1325U
Mouse Redragon 901 Perdition x3
Keyboard G710+x3
Software Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores Are in the benchmark section
Hi,
Not sure removing would matter a large update would just reinstall missing bits plus sfc/ scannow too
Best just to disable with reg's sadly I have a shitload of them
I really need to combine them all one day so it's just one reg merge.
 
Joined
Jul 5, 2013
Messages
25,559 (6.52/day)
Not sure removing would matter a large update would just reinstall missing bits plus sfc/ scannow too
That's true unless you leave the folders present and use the security settings to deny "System" user and "Trusted Installer" user access to those folders.
 
Last edited:
Top