Hackers leak 190 GB of data allegedly from Samsung, including source code and biometric unlock algorithms
The Lapsus$ hacker group has just leaked a huge collection of data that they claim is from Samsung.
The leaked data is currently shared in a torrent and presented as three compressed files totaling almost 190 GB. At the time of this writing, the report says that more than 400 peers are sharing the file.
And earlier, the group posted a screenshot of the C/C++ guidelines in Samsung's older software. And according to the group, the torrent contains the following data:
- Source code for each Trust Applet (TA) installed in the Samsung TrustZone environment used for sensitive operations (eg, hardware cryptography, binary encryption, access control)
- Algorithms for all biometric unlocking operations
- Bootloader source code for all recent Samsung devices
- Confidential Qualcomm Source Code
- Samsung Activation Servers Source Code
- Full source code of the technology used to authorize and authenticate Samsung accounts, including APIs and services
If it looks bad, that's because it is. If the claims are correct, Samsung is considering a major breach that could cause significant harm to the company.
Lapsus$ is the same group behind the recent NVIDIA breach. They are demanding that the graphic design giant remove limitations on cryptocurrency mining or they will leak the company's source code.
However, it is not known at this time if they have made similar requests to Samsung.
In a statement to the Korea Herald, Samsung said it was investigating the incident.
More recently, Samsung was caught throttling the performance of some apps.
Source: BleepingComputer
