Sunday, March 06, 2022

CRIMINAL CYBER CAPITALI$M
Lapsus$ hackers leak Samsung source code and massive data dump from security breach


By Sofia Wyciślik-Wilson


Samsung appears to have fallen victim to a serious security breach if the leaks from data extortion group Lapsus$ are anything to go by.

Amounting to a colossal 190GB of data, the group says it has in its possession Samsung source code and other confidential company data. It is just days since Lapsus$ claimed responsibility for a hack that resulted in data being stolen and leaked from GPU chipmaker NVIDIA.

The attack on NVIDIA was said to be a reaction to the company limiting the crypto-mining capabilities of its chips, but details surrounding the Samsung leak are less clear. In fact, it is not even apparent whether Lapsus$ is responsible for the security breach that resulted in data being stolen from Samsung, or whether the group simply managed to acquire it.

So far, Lapsus$ has only -- as Bleeping Computer shares -- teased the data it claims to have obtained. But if the group's assertions are true, it has three archives of Samsung data including source code for security products, encryption data, and backend data.

Among the data teased are:
source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
algorithms for all biometric unlock operations
bootloader source code for all recent Samsung devices
confidential source code from Qualcomm
source code for Samsung’s activation servers
full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services

While Lapsus$ used the data obtained from NVIDIA to demand a ransom, it is not known whether this has also happened with Samsung. Samsung has not commented on the matter so far, so we only have the word of Lapsus$ to go on for now.
