Hackers leak 190GB of alleged Samsung data, source code

The Lapsus$ info extortion team leaked now a huge collection of confidential facts they assert to be from Samsung Electronics, the South Korean giant consumer electronics organization.

The leak comes much less than a 7 days following Lapsus$ released a 20GB doc archive from 1TB of knowledge stolen from Nvidia GPU designer.

Gang teases Samsung info leak

In a note posted earlier these days, the extortion gang teased about releasing Samsung knowledge with a snapshot of C/C++ directives in Samsung software program.

Lapsus$ extortion group teasing Samsung data leak

Soon right after teasing their followers, Lapsus$ posted a description of the future leak, saying that it is made up of “confidential Samsung supply code” originating from a breach.

  • source code for every single Trusted Applet (TA) set up in Samsung’s TrustZone ecosystem utilised for delicate functions (e.g. components cryptography, binary encryption, accessibility management)
  • algorithms for all biometric unlock operations
  • bootloader source code for all current Samsung gadgets
  • confidential supply code from Qualcomm
  • supply code for Samsung’s activation servers
  • complete source code for technological innovation utilized for authorizing and authenticating Samsung accounts, including APIs and companies

If the information earlier mentioned are correct, Samsung has suffered a significant details breach that could trigger large destruction to the business.

Lapsus$ break up the leaked details in 3 compressed documents that add to nearly 190GB and built them accessible in a torrent that seems to be very well-liked, with far more than 400 peers sharing the content. The extortion group also reported that it would deploy far more servers to boost the down load speed.

Lapsus$ torrent for the Samsung data leak

Incorporated in the torrent is also a quick description for the content available in every single of the three archives:

  • Portion 1 has a dump of source code and relevant info about Protection/Protection/Knox/Bootloader/TrustedApps and numerous other objects
  • Section 2 consists of a dump of resource code and associated knowledge about system stability and encryption
  • Section 3 contains a variety of repositories from Samsung Github: mobile protection engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, retailer)

It is unclear if Lapsus$ contacted Samsung for a ransom, as they claimed in the scenario of Nvidia.

BleepingComputer has contacted Samsung for a statement about the Lapsus$ details leak and will update the short article when the company replies.

Update [March 7, 2022]: Samsung confirmed a knowledge breach on its methods and that the intruder had accessibility to supply code applied in Galaxy smartphones.

Related posts