Samsung hacked by the hacker group Lapsus$, revealing a number of crucial source codes for the company’s software and devices. It’s unknown if the hacker organization has made contact with ransom so far. Hackers were responsible for the uploading of sensitive information from Nvidia, and they’ve now turned their attention to Samsung. Lapsus$, has allegedly stolen 190GB worth of data from Samsung, which includes encryption and source codes for many of Samsung’s new devices.
Samsung hacked, revealing critical information
The attack on Samsung occurred on Saturday when the hackers leaked the confidential data obtained through an assault on Samsung and published it on torrent. In a message sent to their followers, the hackers uploaded the entire data in three parts, as well as a text file that listed the contents of the download.
The note explains that the leaked data includes “source code from every Trusted Applet” installed on each Samsung device, as well as confidential source code from Qualcomm, biometric unlock algorithms for devices, bootloader source code for the devices, and source codes for Samsung’s activation servers and Samsung account authentications.
Samsung hacked only days after the hackers attempted a ransom scheme against Nvidia. The hackers have presumably accessed 71,000 employee emails and hashes because of the compromise of 1TB of corporate data from the chipmaker.
The Lapsus$ hacking group has placed enormous demands on Nvidia to match, due to the data ransom situation. It is not a straightforward request for cash, which is surprising. The attackers have asked Nvidia to remove the restriction it imposed on its Nvidia 30-series GPUs that limits them against Ethereum cryptocurrency mining. They also demand that Nvidia open-source its GPU driver indefinitely.
The hackers clearly seek money from the leaked information. One threatened to give anyone an Nvidia GPU bypass to be used in crypto mining for $1 million. Another message from the group stated that they were attempting to sell the data directly to a buyer rather than releasing it openly. “Employee credentials” and “confidential information” were stolen in the Nvidia attack. Although it denied any ties between the cyberattack and the ongoing Russia-Ukraine conflict, it promised that the assault would not have a detrimental effect on its operations.
There has been no indication that Lapsus$ has requested a comparable ransom after they got Samsung hacked. However, if they do, it will certainly be a major blow to Samsung, given the type of data that the hacking group now claims to have access to.