Microsoft victim of a massive cyberattack led by a teenager

Related or not to the war in Ukraine, the cyberattacks have multiplied in recent weeks, and earlier this week a group of hackers called Slip$ announced that he had broken into the servers of Microsoft to steal nearly 40 GB of confidential documents.

It was not personal data of Windows or Office customers, but a large part of the source code of the Bing search engine, theapplication Bing Maps andvoice assistant Cortana. Microsoft has confirmed hacking by this collective it calls DEV-0537, and security experts have decided to identify this group of hackers already known to have attacked in the past. SamsungVodaphone, nVidia and Ubisoft.

His mother fell from the clouds

According to Bloomberg, the investigation leads to a 16-year-old teenager living with his mother near Oxford, England! Even if it is gooda group of piratessince seven different accounts have been identified, the thinking head would therefore be an English teenager.

A woman who identified herself as the boy’s mother spoke with a Bloomberg reporter for about 10 minutes via a intercom. She explained that she was not aware of the charges against her son or of the leaked documents. She said she was very disturbed that videos and photos of her house and the house of the teenager’s father were revealed.

Thames Valley Police and the National Crime Agency, which investigate the hack in the UK, did not react to Bloomberg’s revelations, while the FBI, which investigates the Lapsus$ attacks, declined to comment.

To confuse him, security experts used traces related to hacks, but also took advantage of information provided by competing hacker groups! The digital war also opposes hackers to each other, and a collective has outright posted the contact details of the teenager, with his address and information about his parents. Bloomberg did not reveal this personal information but the media gave his nicknames: ” White ” and ” breachbase “.

Inconspicuous pirates

Security experts, quoted by Bloomberg, admit to being very impressed by the qualities of this young hacker, and in particular by the speed of the attacks carried out. So much so that they thought it was a robot doing them! The catch is that this group of young pirates are more drawn to fame thanmoneyand this is what made it possible to identify them in part.

On his blog, Microsoft details the attack and the damage suffered, and thus confirms that the members of Lapsus$ care little about their protection and their anonymity. ” Unlike most activity groups that remain hidden, DEV-0537 doesn’t seem to hide its tracks. They go so far as to announce their attacks on social networks or announce their intention to buy credentials from employees of the targeted companies. »

The young pirates thus publish on Telegram their requests, or use Zoom to contact hacked companies. A method that allowed Microsoft to limit the case. ” Our team was already investigating the compromised account based on threat intelligence when the hacker publicly disclosed their intrusion. This public disclosure intensified our action, allowing our team to step in and halt the operation, thus limiting a wider impact.. »