About a week before the time of posting, a hacker group called “Lapsus$” claimed to have hacked into the servers of various companies and stolen tons of terabytes' worth of data. The list includes the following companies, which have claimed to be hacked by this group:

  • NVIDIA Corporation
  • Microsoft Corporation
  • Samsung Electronics
  • Ubisoft Entertainment
  • Okta Incorporated

This group of hackers, as I mentioned, stole a lot of data from these companies. Let me go over what they stole from NVIDIA Corporation and Microsoft Corporation:

What did they take and why?

Let’s start off with Nvidia. About a week before the time of posting, Nvidia said its ‘proprietary information’ was being leaked by hackers. On February 23rd, 2022, the company became aware of a security breach in its systems. Later on, the Lapsus$ hacking group claimed responsibility for this breach and published a letter with a ‘threat’ in it which could ruin Nvidia’s business.

The hacking group collected about one terabyte of data from NVIDIA Corporation, a very popular GPU creator, which also collaborated with Mojang Studios at one point to bring ray tracing to Minecraft back in 2020. It is also perhaps the only GPU company that designs the best ray tracing chips.

The threat was a post on some platform, and luckily, I have a screenshot of it here:

Source: The Verge

If you ask me, this threat is both dangerous and quite dumb. It’s dangerous because the hackers can leak information about all of Nvidia’s unreleased chips, source code, etc. And this is also dumb because I highly doubt Nvidia would even accept such a demand. (As of the time of posting this, it’s already Friday.)

I’m going to keep this topic short, just so that I don’t flood it with a lot of stuff, so let’s move on to Microsoft Corporation, and then I’ll get to the conclusion about who’s suspected to be behind all this (however, I won’t be very specific in describing that, but I’ll link the articles).

So, this week, the Lapsus$ hacking group claimed to have hacked Microsoft and to be holding about 37 gigabytes of data, including partial source code from the Bing browser and the Cortana virtual assistant.

On Tuesday evening, after investigating, Microsoft confirmed that the group it calls DEV-0537 compromised “a single account” and stole parts of the source code for some of its products.

I’ve not been able to find what they want from Microsoft, or why they stole the data, but I suppose they just want to keep all the source code to themselves and use it for other things.

Was the group caught?

All these companies started tracking the group, and now an England-based person is suspected as the mastermind. I won’t be describing all of it in this post, but you may see the articles below.

