Check out all the on-demand sessions from the Intelligent Security Summit here.

A threat actor who has previously stolen and leaked data from Nvidia and Samsung now claims it has posted Microsoft‘s source code for Bing, Bing Maps and Cortana on its Telegram channel.

The threat actor, Lapsus$, which is believed to operate in South America, posted the claim on Telegram at 6:17 p.m. PST on Monday.

On Sunday, Lapsus$ had posted a screenshot that it claimed was the source code repositories from Microsoft, including for Bing and Cortana.

The group claimed it had accessed the repositories by hacking an Azure devops server. The screenshot was later deleted without explanation. “Will repost later,” the group had said.


Intelligent Security Summit On-Demand

Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.

Watch Here

The new Telegram post on Monday includes a 483 KB file, which Lapsus$ claims contains a portion of the source code for Microsoft’s Bing search engine, Bing Maps service and the company’s Cortana virtual assistant. The group suggested that the file includes 90% of the Bing Maps data it claims to have stolen, as well as 45% of the stolen Bing and Cortana data. “Enjoy everyone!” the post reads.

In response to the latest claims by Lapsus$, Microsoft reissued its statement that it is aware of the claims and is investigating them.

“Given the lack of a denial from Microsoft and Lapsus$’ past victims, their claims are not entirely implausible,” said Brett Callow, a threat analyst at Emsisoft, in a message to VentureBeat. “The gang seems to be somewhat disorganized, which could indicate they’re relatively inexperienced — and that makes the fact they’re able to hit major corporations somewhat surprising.”

Screenshot of Lapsus$ Telegram channel

Over the past month, vendors including Nvidia and Samsung Electronics confirmed the theft of data by the threat actor. On March 1, for instance, Nvidia said that “we are aware that the threat actor took employee credentials and some Nvidia proprietary information from our systems and has begun leaking it online.”

Stolen Nvidia data reportedly included designs of graphics cards and source code for DLSS, an AI rendering system. 

Experts have said that Lapsus$’ motives remain unclear, given the lack of financial demands in the past.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.