Samsung Officials Are Aware of the Cyberattack, Reportedly Claiming That Investigation Is Underway, but There Is No Mention of a Ransom
In a note posted earlier today, Bleeping Computer reports that Lapsus$ teased the release of Samsung data with a snapshot of C/C++ directives in Samsung software. Sure enough, the teaser was followed by the publication of a leak, which the group states contains confidential Samsung source code obtained in the cyberattack.
According to Lapsus$, the leak includes:

- source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
- algorithms for all biometric unlock operations
- bootloader source code for all recent Samsung devices
- confidential source code from Qualcomm
- source code for Samsung’s activation servers
- full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services
The leaked data consists of three compressed files that amount to nearly 190GB. The data was then made available in a torrent. Lapsus$ says that it would be deploying additional servers to help peers get the most out of their download speeds. A brief description of the content available is given below.

- Part 2 contains a dump of source code and related data about device security and encryption
- Part 3 contains various repositories from Samsung GitHub: mobile defense engineering, Samsung account backend, Samsung Pass backend/frontend, and SES (Bixby, SmartThings, store)

Samsung officials said they are now assessing the situation but have not confirmed if the hacking group has asked for ransom. This data breach may have adverse effects on Samsung’s partners like Qualcomm and Apple, as the Korean giant has formed strong business relationships with them. We have to see if Samsung will engage in a dialogue with the extortion group and if the group will demand ransom.

News Source: Bleeping Computer