Samsung has reportedly been struck by a massive cyberattack initiated by the group Lapsus$, who claims that they have gotten hold of 190GB worth of valuable data. This is the same group of hackers who earlier stole 1TB worth of data from NVIDIA, which included leaked DLSS code.
Samsung Officials Are Aware of the Cyberattack, Reportedly Claiming That Investigation Is Underway, but There Is No Mention of a Ransom
In a note posted earlier today, Bleeping Computer reports that Lapsus$ teased about releasing Samsung data with a snapshot of C/C++ directives in Samsung software. Sure enough, the teaser led to the publishing of a leak, stating that it has confidential Samsung source code that was obtained from the cyberattack.
-
source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
-
algorithms for all biometric unlock operations
-
bootloader source code for all recent Samsung devices
-
confidential source code from Qualcomm
-
source code for Samsung’s activation servers
-
full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services
The leaked data’s size shows three compressed files that amount to nearly 190GB. The data was then made available in a torrent. Lapsus$ says that it would be deploying additional servers to help peers get the most out of their download speeds. A brief description of the content available is given below.
“Part 1 contains a dump of source code and related data about Security/Defense/Knox/Bootloader/TrustedApps and various other items
Part 2 contains a dump of source code and related data about device security and encryption
Part 3 contains various repositories from Samsung Github: mobile defense engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, store)”
Samsung officials said they are now assessing the situation but have not confirmed if the hacking group has asked for ransom. This data breach may have adverse effects on Samsung’s partners like Qualcomm and Apple, as the Korean giant has formed strong business relationships with them. We have to see if Samsung will engage in a dialogue with the extortion group and if they will demand ransom.
News Source: Bleeping Computer
