Security News

The Lapsus$ extortion gang briefly alleged over the weekend it had compromised Microsoft. "We are aware of the claims and are investigating," a Microsoft spokesperson told The Register on Monday.

Microsoft is investigating claims that an extortion-focused hacking group that has previously compromised massive companies such as Ubisoft and Nvidia has gained access to internal Microsoft systems, according to a statement from the company.The hacking group, which goes by the self-designated name LAPSUS$, has successfully breached a wave of corporations recently. The group has so far not made any public demands against Microsoft. On Sunday, LAPSUS$ posted a screenshot of what appeared to be an internal Microsoft developer account to their Telegram channel. Shortly after posting the screenshot, an administrator of LAPSUS$’s Telegram channel deleted the image.

Cybersecurity experts describe a still-maturing cybercriminal group that is testing its capabilities with a range of different attack methods - from data extortion to ransomware - and may be taking advantage of Russia's invasion of Ukraine, which is distracting and diverting malware pushers and cybersecurity vendors alike. "Based on their public behavior and communication observed from the group, it is believed that they are a completely new group and not simply a rebranded threat group," Tyler Croak, principal strategist at cybersecurity vendor Lookout, told The Register.