Bad news for Samsung smartphone owners : the Korean giant was the victim of a cyber attack by the hacker group called Lapsus $ , which allegedly managed to steal a huge amount of confidential data.
According to what was revealed by the hacker group, the material stolen from Samsung should contain “confidential source code” and would appear to come from a violation suffered by the telephony giant.
Lapsus $ is in possession of valuable data from Samsung
In particular, Lapsus $ argues that the material it came into possession of would include:
- source code for each Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (such as hardware encryption, binary encryption and access control)
- algorithms for all biometric unlocking operations
- bootloader source code for all recent Samsung devices
- Qualcomm’s confidential source code
- source code for Samsung’s activation servers
- Full source code for the technology used for Samsung account authorization and authentication, including APIs and services
In the event that what Lapsus $ disclosed were to be true, the Korean manufacturer would face a serious data breach that could cause enormous damage to the company.
Lapsus $ has split the data it came into possession into three compressed files that come to “weigh” nearly 190GB and made them available in a torrent that appears to be very popular (with over 400 peers sharing the content). The hacker group also made it known that it would use multiple servers to increase the download speed.
It is unclear if Lapsus $ contacted Samsung to ask for a ransom , as it claims to have done a week ago in a similar case involving NVIDIA but the publication of the data seems to suggest that it tried and that the Korean giant did not has accepted the conditions.