What happened now? Lapsus$, the hacker group that leaked confidential information from Nvidia last week, has reportedly moved on to a new target: Samsung. Hackers have claimed an attack that leaked 190GB of sensitive information from the South Korean tech giant, including encryption data and source code for Samsung’s latest devices.
The hackers behind the Nvidia security breach have targeted the world’s biggest tech companies. Last week, South American hacker group Lapsus$ claimed to have carried out a major hack attack on Nvidia, stealing more than 1TB of data and receiving a ransom for it. Telegraph reported that Nvidia’s internal systems were “completely compromised”.
On Saturday, hackers leaked almost 190GB of data from Samsung, subsequently publishing the files via torrent. This reportedly includes sensitive information that could be used to hack Samsung devices.
The vx-underground edition, which monitors information about malware on the network, tweeted a message that Lapsus$ sent to its subscribers. The hack is said to include “the source code of every trusted applet installed on all Samsung devices” and “confidential source code from Qualcomm.”
The LAPSUS$ ransomware group successfully hacked both NVIDIA and Samsung.
-March 1: They require NVIDIA to open source their drivers or they
– March 4: LAPSUS$ released Samsung’s own source code.
See attached images for more details directly from LAPSUS$. pic.twitter.com/U3VD7R2KRl
— vx-underground (@vxunderground) March 4, 2022
The leak also allegedly includes algorithms for biometric unlock operations and the source code for Samsung Accounts, a login service associated with Samsung mobile devices.
According to Beeping Computerthis torrent has been shared by over 400 peers and includes a text file describing the content available for download:
- “Part 1 contains a source code dump and related data about security/protection/Knox/bootloader/trusted applications and various other items.
- Part 2 contains a source code dump and related device security and encryption data.
- Part 3 contains various repositories from Samsung Github: mobile security design, Samsung account backend, Samsung pass backend/interface, and SES (Bixby, Smartthings, store).”
The Nvidia hack was reported to be a ransom conspiracy, with hackers threatening to reveal an algorithm to bypass Nvidia’s mining restriction. Lapsus$ claimed that Nvidia hacked them, but claimed that they still have a copy of Nvidia’s sensitive data.
There is currently no information on a ransomware plot related to the Samsung incident, with all hacking files being released at the same time. It is unknown if Lapsus$ tried to extort a ransom from Samsung.
Samsung has not yet responded to the security breach.