After Nvidia, Samsung is stealing a considerable amount of sensitive data

After Nvidia Samsung is stealing a considerable amount of sensitive

The Lapsus$ pirate group continues its tour of the Grand Dukes. After releasing part of a terabyte of confidential technical data stolen from Nvidia, they have just uploaded 190 gigabytes of documents and source code from Samsung. The archive can be downloaded through a Torrent file that the hackers posted on their Telegram channel. Its content is detailed in a message, and it’s heavy.

It would contain the source codes of all the applets used in the TrustZone environment to perform sensitive operations such as access control, encryption or DRM. It would also include, among other things, biometric unlocking algorithms, bootloader source codes for all recent Samsung models, data on Knox security software, activation server source codes and confidential source code from Qualcomm. Bleeping Computer has downloaded the archive. It is subdivided into three large 7z files of 89, 30 and 69 GB respectively.

For its part, Samsung confirmed to Bloomberg that it had been the victim of a data theft:

“There was a security breach related to some internal company data. According to our initial analysis, the breach involves source code relating to the operation of Galaxy devices, but does not include personal information of our customers or employees. Currently, we do not anticipate any impact to our business or our customers. We have measures in place to prevent such incidents and will continue to serve our customers without interruption. »

Also see video:

On the other hand, it is not known whether the hackers had previously demanded a ransom before publishing all this data. In Nvidia’s case, that appears to have been the case.

It remains to be seen how these hackers were able to get their hands on this data? Some Twittos suspect that Lapsus$ has a zero-day flaw in a collaborative development tool, such as GitHub, GitLab or other. Which might explain why these hackers keep lining up source code thefts right now. Indeed, after exposing Nvidia and Samsung, Lapsus$ is now threatening to release 200 GB of Vodafone documents, source codes and databases from media group Impresa and South American e-commerce platform Mercado Libre. .

Sources : Bleeping Computer, Bloomberg

1nc1