Microsoft Says Digital Extortion Gang Lapsus$ Targets Cryptocurrency, Too

An anonymous reader shares a report: A digital extortion gang with a murky background and unconventional methods -- one researcher called them "laughably bad" at times -- has claimed responsibility for a string of compromises against some of the world's largest technology companies. The group, known as Lapsus$, said in a series of public posts on the messaging app Telegram this week that it had accessed Okta, the San Francisco-based identity-management firm that provides authentication tools for an array of business clients. Okta said Tuesday that attackers may have viewed data from approximately 2.5% of its customers after breaching the laptop of an engineer at a third-party vendor. Lapsus$ previously claimed to breach organizations including Nvidia, Samsung Electronics, and the gaming company Ubisoft Entertainment. The group said it also accessed data from Microsoft, saying it had gathered source code from the company's Bing search engine, Bing Maps and the Cortana digital assistant. Microsoft said attackers gained "limited access" to its systems, and that attackers had compromised a single account to gather data. In recent years, most hacking groups have used malware to encrypt a victim's files, then demanded payment to unlock them, so-called ransomware. Sometimes the groups steal sensitive data and threaten to make it public unless they are paid. Lapsus$ functions as a "large-scale social engineering and extortion campaign," though it does not deploy ransomware, Microsoft said. The group uses phone-based tactics to target personal email accounts at victim organizations and pays individual employees or business partners of an organization for illicit access, according to Microsoft. Lapsus$ also is known for hijacking individual accounts at cryptocurrency exchanges to drain user holdings.

Read more of this story at Slashdot.