Samsung has reportedly been hit by a devastating cyberattack that has resulted in a lot of confidential data being leaked online. A hacking group is reportedly behind this attack on the tech giant.
Reports mention that Samsung’s confidential source code has been leaked in this attack in addition to other secret data. The hackers have provided a list of all the data that has been leaked in this security breach.The Lapsus$ group has claimed responsibility for the attack. They published a snapshot of C/C++ directories in Samsung software to show that they would be releasing the data online.
A description of the leak was then published. It source code for every Applet installed in Samsung’s TrustZone environment used for encryption, access control, hardware cryptography, etc. All of the leaked data adds up to almost 190GB. Lapsus$ has split it into three compressed files that have now been leaked as a torrent online.
Algorithms for all biometric unlock operations, bootloader source code for all recent Samsung devices, secret source code from Qualcomm, source code for Samsung’s activation servers, and the full source code for tech used to authorize and authenticate Samsung accounts, including APIs and services has apparently been leaked.
The Lapsus$ group was recently in the news for leaking NVIDIA data online. Almost 1TB of data was lost in the cyberattack. The group demanded that NVIDIA open-source GPU drivers and disable LHR on its graphics cards to unlock their full potential for crypto mining.It’s unclear if Lapsus$ made any demands to Samsung. A report out of South Korea mentions that Samsung officials are assessing the situation. The company hasn’t said anything else about the leak as yet.