Bing and Cortana source code reportedly stolen by Medusa ransomware crew
Date:
Thu, 20 Apr 2023 13:48:14 +0000
Description:
Threat analysts are yet to confirm the authenticity of Medusa's claims.
FULL STORY ======================================================================
Threat actors going by Medusa have posted a new database on their leak site, claiming it contains data from Microsoft including source code for Bing and Cortana.
Found by Emsisoft researcher Brett Callow, the announcement says embedding
the source code could trick antivirus products into confusing malware with Microsoft-made programs.
"This leak is of more interest to programmers, since it contains the source codes of the following Bing products, Bing Maps and Cortana," the announcement reads. "There are many digital signatures of Microsoft products in the leak. Many of them have not been recalled. Go ahead and your software will be the same level of trust as the original Microsoft product."

No confirmation
While the announcement did raise red flags all around, no threat analysts
have yet confirmed the authenticity of Medusa's claims, so the files might be bogus for all we know.
"At this point, it's unclear whether the data is what it's claimed to be," Emsisoft's Callow told The Register. "Also unclear is whether there's any connection between Medusa and Lapsus$ but, with hindsight, certain aspects of their modus operandi does have a somewhat Lapsus$ish feel."
A year ago, a threat actor called Lapsus$ announced breaking into Microsoft's endpoints and stealing roughly 37GB of sensitive data, including the source code for Bing and Cortana. Soon afterward, Microsoft confirmed the breach but stated that no customer code or data had been taken. "Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk," the Redmond giant explained at the time.
Thus, Callow could be suggesting that the attackers were just re-leaking what was already stolen a year ago.
Medusa is a ransomware operator that rose to infamy after breaching the Minneapolis Public Schools (MPS) district and demanding $1 million in
exchange for the decryption key. Given that MPS data was leaked to the dark web soon after, it's safe to assume that the negotiations fell through.
Via: The Register
======================================================================
Link to news story:
https://www.techradar.com/news/medusa-ransomware-crew-says-it-stole-bing-and-cortana-source-code
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)