Microsoft Shares Details On Lapsus$ Hacking Operations

Share post:

Microsoft has uncovered the activities of Lapsus$, a relatively new hacking group conducting cyberattacks against organizations.

According to Microsoft, Lapsus$ dubbed DEV-0537 uses an extortion and destruction model of attack. This model does not rely on ransomware payloads.

The group employs different social engineering schemes to lure potential victims. This includes phone-based social engineering via SIM-swapping and compromising an individual’s personal or private accounts.

Other tactics include deceiving the company’s support representatives into divulging secrets and carrying out an alliance with employees to gain access to account credentials and MFA details.

The group also purchases credentials and tokens from forums on the Dark Web, scans public code repositories for exposed credentials, and uses a password stealer known as Redline to capture passwords and tokens.

Organizations are advised to protect themselves by requiring MFA for all users, avoiding telephone-based and SMS-based MFA, using Azure AD password protection, and using other password authentication tools.

Others include reviewing their VPN authentication, monitoring and reviewing their cloud security, educating all employees about social engineering attacks, and setting up security processes in response to possible Lapsus$ intrusions.

For more information, read the original story in TechRepublic.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways