Lapsus$ group claims Okta supply chain attacks

Wednesday, March 23, 2022
Lina Fontaine

The company is currently investigating the claims made by the Lapsus$ cybercrime group. The firm has previously been linked to attacks on other companies, including Nvidia, Siemens, and Vodafone. In the latest case, Microsoft has been listed as a victim. The company said that it is looking into the attacks on its cloud platform, Microsoft Azure. Although the Lapsus$ group has not yet demanded a ransom, it is taking precautionary measures to protect its customers from potential attack.

The group claims to have breached Okta's systems and stolen data. Although it has no evidence of malicious activity, Lapsus$ has claimed to have gained access to Okta customer accounts and has posted screenshots of the attack. The group claims to have hacked the company's systems by gaining admin and superuser accounts. The company has not released any further information. A number of companies have responded to the attack by taking precautions.

While the company's chief executive Todd McKinnon confirmed that the attack was caused by a supply chain, he questioned how it could be prevented. He said that the group was attempting to compromise the account of a subprocessor, but did not make the necessary changes. It is too early to speculate, but the company should do everything it can to secure its system as quickly as possible, he added.

The Lapsus$ group's alleged attacks are a major breach of the company's security. The company has taken down a large portion of its customers' accounts in the last year, and a large portion of its users have been affected by the breach. The group has also been linked to multiple other ransom attacks, including the Okta supply chain attack. This means that the organization must have had access to these systems in order to launch its cyberattacks. The company says that there is no evidence of malicious activity on its part, but the screenshots of the account are dated Jan. 21, 2022.

It says that the Lapsus$ group has accessed the systems of its customers for more than two months. This attack may have been the result of a hacker's unauthorized access to its databases. Its cybercrime claim has led to the disclosure of a number of competitive secrets. The group also posted screenshots of its internal systems. The group claims to have gained access to Okta's internal systems. The hackers reportedly stole 40GB of data from Microsoft. However, the hacking group has failed to publicly acknowledge the breach, but it has not confirmed the attack. The company is investigating the matter, but the hackers' actions remain an ongoing threat to businesses.

The hacker has not yet claimed responsibility, but the company is investigating the claims. The Lapsus$ group posted screenshots of its internal systems and a large amount of purportedly stolen data from Microsoft. The gang also claims to have gained access to administrative and superuser accounts on Okta. Some of the files included in the malware are downloadable. This attack may also have been a case of false-ware because the attackers were targeting other organizations. The Lapsus$ group claims that it broke into Okta's systems in January. In fact, the security firm said it detected a hacker's attempt to compromise a subprocessor account and then blocked the attacker's access to the network. The attack exposed Samsung's competitive secrets and left the company open to future compromise. The gang is currently investigating whether any of the claims are true. The hackers claim to have access to the accounts of Okta customers. The attackers have gained access to these accounts by compromising Okta's security systems. They also obtained the passwords of other accounts and accessed their information. The group has claimed to have a large database that contains passwords. Moreover, the attackers have not targeted the servers of their customers.