Microsoft is in the midst of investigating whether or not a “extortion-focused hacking group” has gained access to its internal systems, according to a Monday morning report from Vice.
The group in question, LAPSUS$, had formerly compromised companies like Ubisoft and Nvidia. In the case of Nvidia, the group made ransom demands of asking the company to “unlock aspects of its graphics cards to make them more suitable for mining cryptocurrency”.
So far, the group has not made any demands of Microsoft, the report says.
But over the weekend the group put up images of what Vice says “appeared to be an internal Microsoft developer account to their Telegram channel”. The shot appeared to be from an Azure DevOps account and showed projects called “Bing_UX”, “Bing-Source” and “Cortana.”
The terms “mscomdev,” “microsoft,” and “msblox,” were also included in the screenshot.
The image was deleted shortly after it was posted, with an administrator of the channel writing: “Deleted for now will repost later.”
Microsoft has commented that they are “aware of the claims” and are “investigating”.
The group said earlier this month that it was recruiting employees inside of companies like Microsoft. They also listed Apple and IBM as companies where they were looking for insiders to work with.
In the last 3 months alone, the group has “breached the Ministry of Health of Brazil, a slew of Brazilian and Portuguese companies, and then Nvidia and Samsung”, the report wrote. They also took credit for breaching Ubisoft earlier this month.