After Nvidia, the Lapsus$ hacker group hacked Samsung and managed to collect less than 190GB of confidential data. The case is more than delicate for the manufacturer as its Galaxy smartphones have its share of security hacks.
A big hack for Samsung
Lapsus$ has shared the first teaser to prove its Samsung hack. These are just some of the elements specific to the manufacturer’s software. The hacker group then uploaded a list of the next items to be released:
- The source code of each Trust Applet (TA) is installed in Samsung’s TrustZone environment and used for sensitive operations (such as hardware cryptography, binary encryption, access control).
- Algorithms for all biometric unlocking tasks.
- Bootloader source code for all recent Samsung devices.
- Qualcomm confidential source code.
- Source code from Samsung’s activation server.
- Complete source code of the technology used for authorization and authentication of Samsung accounts, including APIs and services.
As we can see, there are many worrying points on the list for both Samsung and the company’s customers. The latter have remained silent on the matter for the time being. For their part, the hackers have already shared 190 GB of data with the three archives. Lapsus$ introduced them as a torrent according to BleepingComputer.
In the case of the Nvidia hack, Lapsus$ demanded a ransom, in addition to forcing the company to offer open source drivers for its graphics cards. It is not clear at this time whether a ransom has been demanded from Samsung.