This week, a group of hackers reportedly leaked 190GB worth of data from one of the world’s largest electronics companies. The Lapsus$ group, which is mainly an extortion group, leaked a massive collection of confidential data on Friday, March 4. They claim the data is from the South Korean consumer electronics giant, Samsung Electronics.
This significant leak occurred less than a week after another notable leak by the extortion group. The Lapsus$ group had released a 20GB document archive drawn from 1TB of data stolen from GPU designer Nvidia.
The extortion group teased the Samsung data leak
A note was released on Friday, March 4 by the hacker gang. The extortion group teased the release of the acquired Samsung data with a snapshot. The shot showed C/C++ directives in Samsung's software. Following this, the group posted a description of the forthcoming leak. In the description, they mentioned that it comprises “confidential Samsung source code,” which originated from a breach.
The breach contained source code for every Trusted Applet installed in Samsung's TrustZone environment, which is used for sensitive operations. It also contained algorithms for all sorts of biometric unlock operations, bootloader source code for all relatively new Samsung devices, and Qualcomm’s confidential source code. In addition to these, it contained the entire source code for the technology used for authorisation and authentication of Samsung accounts, including APIs.
If the details given are indeed accurate, Samsung has suffered a significant data breach, one that could result in major harm to the electronics company. Lapsus$ divided the leaked data into 3 separate compressed files adding up to about 190GB. The gang made the files available in a torrent that seemed to be quite popular, with more than 400 peers appearing to share it. The extortion gang added that they would possibly deploy more servers to increase the download speed.
The contents of the three files:
The three compressed files, which added up to 190GB, each held a different part of the leaked content. The first part comprised a source code dump and related data about items like Security, Defence, Knox, TrustedApps, etc. The second part consisted of a source code dump and related data about device security and encryption. Finally, the third part contained several repositories from Samsung GitHub: Samsung account backend, mobile defence engineering, Samsung Pass backend/frontend, and SES (Bixby, SmartThings, store).
As we know, Lapsus$ had demanded a ransom in the case of Nvidia’s data leak. However, it is still not clear whether the extortion group has contacted Samsung for the same. Samsung is yet to give a statement on the data leak.