Lapsus$, the hacking group responsible for leaking confidential information from Nvidia have struck again. This time, the group’s target was Samsung from which it have allegedly stolen 190GB worth of data. It has been claimed that the data includes encryption and source codes for many of the South Korean tech giant’s new devices. Samsung in a reply to this released a statement where it did not confirm or deny the identity of the hackers, nor whether or not they had stolen data related to encryption and biometrics. But, it did state that no personal data of employees or customers was compromised. Also Read - Samsung showcases 200MP camera sensor with a giant cat billboard: Watch video
“There was a security breach relating to certain internal company data,” Samsung told Bloomberg. “According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption,” it added. Also Read - Samsung Galaxy M13 launched with a 6.6-inch FHD+ display and 50MP cameras
The attack took place on Saturday with the group later publishing the data in a torrent. According to a note posted by the group as seen by Bleeping Computer, the data has been shared in three parts along with a text file describing the content. Also Read - Exynos 2300 is in works, likely for the 2023-due Galaxy S23 flagship
The note accompanying the torrents claims that they include the “source code from every Trusted Applet” installed on every Samsung device. Additionally, it includes “confidential source code from Qualcomm,” algorithms for “all biometric unlock operations,” bootloader source code for the devices, and source codes for Samsung’s activation servers and Samsung account authentications, including APIs and services.
The critical data that has been compromised targets Samsung Github: mobile defence engineering, Samsung account backend, Samsung pass backend/frontend, and SES which includes Bixby, Smartthings, and store.
To recall, Lapsus$ earlier attacked Nvidia, compromising around 1TB of confidential data, this included access to 71,000 employee emails and hashes. This is a part of a ransom plot, where the hackers have put up monumental demands for Nvidia to match. These demands include a demand for the company to remove the limit it has put on its Nvidia 30-series GPUs against Ethereum cryptocurrency mining, and to open-source its GPU drivers forever. The hackers have also demanded money from the company. According to a report by The Verge, a message by the group suggested that they are also looking to sell the leaked data directly to a buyer instead of making it public.