Security News > 2022 > March > Microsoft: Lapsus$ Used Employee Account to Steal Source Code

"No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity," Microsoft explained in an advisory about the Lapsus$ threat actors.

Lapsus$ shared a screenshot of what were allegedly Microsoft's internal source code repositories: leaked files that security researchers said appear to be legitimate internal source code.

The threat actor has published more data since then: On Monday night, ??Lapsus$ posted a torrent for a 9GB 7zip archive containing the source code of over 250 projects that the gang claimed came from Microsoft.

The projects don't contain source code for Microsoft desktop software such as Windows, Windows Server and Microsoft Office, according to the outlet's sources.

Security Affairs shared a screenshot, shown below, of the uncompressed 7zip archive that contains the 37GB of source code belonging to hundreds of Microsoft projects.

The company "Does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk," Microsoft's advisory said.

News URL

https://threatpost.com/microsoft-lapsus-compromised-one-employees-account/179048/