What just happened? Lapsus$, a hacking group that leaked sensitive Nvidia information last week, has moved on to a new target: Samsung. Hackers claimed an attack that leaked 190GB of sensitive information from the South Korean tech giant, including encryption data and source code for the latest Samsung devices.
The hackers behind the Nvidia security breach are targeting the world's largest tech companies. Last week, the South American hacker group Lapsus$ claimed to have carried out a major hacking attack on Nvidia, stealing more than 1TB of data and holding the ransom. The Telegraph reported that Nvidia's internal systems were "completely compromised".
On Saturday, hackers leaked nearly 190GB of data from Samsung and subsequently released the files via torrent. This reportedly includes sensitive information that can be used to compromise Samsung devices.
The vx-underground post, which tracks information about malware on the web, tweeted message that Lapsus$ launched to his followers. It alleges that the hack includes "source code for every trusted Applet installed on all Samsung devices" and "confidential Qualcomm source code".
The LAPSUS$ extortion group has successfully breached NVIDIA and Samsung.
-March 1: They require NVIDIA to open-source their drivers, or they will
-March 4: LAPSUS$ released Samsung's proprietary source code.See attached images for more details directly from LAPSUS$ pic.twitter.com/U3VD7R2KRl
โ vx-underground (@vxunderground) March 4, 2022
The leak allegedly also includes the algorithms for biometric unlock operations and the source code for Samsung Accounts, a login service associated with Samsung mobile devices.
According to computer beepthe torrent has been shared by over 400 peers and includes a text file that describes the content available in the download:
- "Part 1 contains a source code dump and related data on Security/Defense/Knox/Bootloader/TrustedApps and various other items
- Part 2 contains a source code dump and data related to device security and encryption.
- Part 3 contains various Samsung Github repositories: Mobile Defense Engineering, Samsung Account Backend, Samsung Pass Backend/Frontend, and SES (Bixby, Smartthings, Store)"
The Nvidia hack was reported to be a rescue plot, with hackers threatening to leak Nvidia's mining limiter bypass algorithm. Lapsus$ claimed that Nvidia hacked them again but maintained that they still had a copy of Nvidia's sensitive data.
Currently, there is no information about an extortion plot associated with the Samsung incident, and all the files from the hack were released simultaneously. It is unknown if Lapsus$ has attempted to extort ransom from Samsung.
Samsung has yet to respond to the security breach.
