
Lapsus$ Group Attacks Microsoft and Okta in Cyber Hack

by Okunloye Abiodun Segun
March 30, 2022

The Lapsus$ group has struck again. Lapsus$ is known for breaking into business networks and then extorting them. Sometimes they steal data and hold it hostage.

The ransomware group this week launched an attack on Microsoft and Okta.

Previously, the group breached the security of several tech giants, including Nvidia and Samsung; in the Samsung breach, nearly 200 gigabytes of source code were leaked.

Microsoft stated that the hacker group Lapsus$ gained “limited access” to its networks, after a claim by the group that it stole source code for the Bing search engine and Cortana voice assistant.

Okta, the San Francisco-based company that manages user authentication services for thousands of corporate clients, stated that the breach affected 366 customers (approximately 2.5%) whose Okta tenant was accessed by Sitel.

About Lapsus$ Group Attack

Some time ago, the group advertised that it wanted to buy credentials for its target companies from employees or contractors willing to take part in its operation. For a fee, the willing accomplice must provide their credentials and approve the MFA prompt, or have the user install AnyDesk or other remote management software on a corporate workstation, allowing the actor to take control of an authenticated system.
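
A defender-side illustration of the scenario above, added here and not taken from Microsoft's or Okta's reports: it flags remote-control activity (AnyDesk-style tools or an inbound RDP logon) on a workstation whose user holds a live authenticated session. The event schema, the 8-hour session lifetime and every tool name other than AnyDesk are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# AnyDesk is named in the article; the other two names are assumed stand-ins
# for "other remote management software".
REMOTE_TOOLS = {"anydesk.exe", "teamviewer.exe", "screenconnect.exe"}
SESSION_TTL = timedelta(hours=8)  # assumed lifetime of an SSO session

# Constructed sample events in a hypothetical, already-normalized schema.
SAMPLE_EVENTS = [
    {"ts": "2024-05-01T09:00:00", "type": "sso_login", "user": "alice", "host": "WS-014"},
    {"ts": "2024-05-01T09:12:00", "type": "process_start", "user": "alice",
     "host": "WS-014", "image": r"C:\Users\alice\Downloads\AnyDesk.exe"},
    {"ts": "2024-05-01T09:05:00", "type": "sso_login", "user": "bob", "host": "WS-020"},
    {"ts": "2024-05-01T09:06:00", "type": "process_start", "user": "bob",
     "host": "WS-020", "image": r"C:\Program Files\Office\EXCEL.EXE"},
    {"ts": "2024-05-01T08:00:00", "type": "sso_login", "user": "dave", "host": "WS-044"},
    {"ts": "2024-05-01T10:30:00", "type": "rdp_logon", "user": "dave", "host": "WS-044"},
    {"ts": "2024-04-30T08:00:00", "type": "sso_login", "user": "erin", "host": "WS-051"},
    {"ts": "2024-05-01T11:00:00", "type": "process_start", "user": "erin",
     "host": "WS-051", "image": r"C:\Tools\anydesk.exe"},
]

def remote_control_kind(ev):
    """Return a label if the event hands interactive control to a remote party."""
    if ev["type"] == "rdp_logon":
        return "inbound RDP"
    if ev["type"] == "process_start":
        name = ev["image"].replace("\\", "/").rsplit("/", 1)[-1].lower()
        if name in REMOTE_TOOLS:
            return name
    return None

def find_remote_control_of_live_sessions(events):
    """Flag remote-control activity on a host whose user holds a live SSO session."""
    last_login, alerts = {}, []
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO 8601 sorts as text
        key, when = (ev["user"], ev["host"]), datetime.fromisoformat(ev["ts"])
        if ev["type"] == "sso_login":
            last_login[key] = when
            continue
        kind = remote_control_kind(ev)
        if kind and key in last_login and when - last_login[key] <= SESSION_TTL:
            alerts.append({"user": ev["user"], "host": ev["host"], "kind": kind,
                           "session_age": when - last_login[key]})
    return alerts

if __name__ == "__main__":
    for alert in find_remote_control_of_live_sessions(SAMPLE_EVENTS):
        print(alert)
```

On the constructed sample, alice (AnyDesk 12 minutes after sign-in) and dave (RDP logon inside the session lifetime) are flagged, while erin's stale session and bob's ordinary process are not.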

Lapsus$ is known for claiming on social media to have infiltrated a number of large tech companies. Its Telegram channel was the first to report this week’s Microsoft and Okta breaches.

According to the report, Microsoft may have been hacked, with 37 GB of Bing, Bing Maps, and Cortana source code stolen, while the group claimed to have gotten around 45 percent of the code for Bing and Cortana, and around 90 percent of the code for Bing Maps. 

But Microsoft stated, “Our investigation has found a single account had been compromised, granting limited access. Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity.”

Moreover, Okta said LAPSUS$ remotely hacked a computer belonging to a customer support engineer contracted via Sitel, a third-party outsourcing agency.

“Our investigation determined that the screenshots, which were not contained in the Sitel summary report, were taken from a Sitel support engineer’s computer upon which an attacker had obtained remote access using RDP. This device was owned and managed by Sitel.”

What is Microsoft Saying?

Microsoft has identified LAPSUS$ activity and linked it to a threat group known as DEV-0537, which is known for using a pure extortion and destruction model without deploying ransomware payloads. The group began targeting organizations in the government, technology, telecom, media, retail, and healthcare sectors before expanding to global targets.

Microsoft affirmed, “Unlike most activity groups that stay under the radar, DEV-0537 doesn’t seem to cover its tracks. They go as far as announcing their attacks on social media or advertising their intent to buy credentials from employees of target organizations.”

Furthermore, Microsoft Threat Intelligence Center (MSTIC) assesses that the objective of DEV-0537 is to gain elevated access through stolen credentials that enable data theft and destructive attacks against a targeted organization, often resulting in extortion. Tactics and objectives indicate this is a cybercriminal actor motivated by theft and destruction.

In some cases, DEV-0537 even called the organization’s help desk and attempted to convince the support personnel to reset a privileged account’s credentials.

Report from Okta

Okta, based in San Francisco, helps employees of more than 15,000 companies securely access their networks and applications, so a security breach at the company could have far-reaching implications across the Internet.

David Bradbury explained the situation in a blog post: “Our investigation determined that the screenshots, which were not contained in the Sitel summary report, were taken from a Sitel support engineer’s computer upon which an attacker had obtained remote access using RDP. This device was owned and managed by Sitel.” He explained further, “The scenario here is analogous to walking away from your computer at a coffee shop, whereby a stranger has (virtually in this case) sat down at your machine and is using the mouse and keyboard. So while the attacker never gained access to the Okta service via account takeover, a machine that was logged into Okta was compromised and they were able to obtain screenshots and control the machine through the RDP session.”

The report from the forensic firm investigating the breach indicated that the threat actor had access to the Sitel environment for five days between January 16 and 21, 2022, which was confirmed with analysis.

Bradbury added that the threat actor would not have gotten “god-like access”, since the application is built with least privilege in mind to ensure that support engineers are granted only the specific access they require to perform their roles. They are unable to create or delete users. They cannot download customer databases. They cannot access Okta’s source code repositories.
