The same hacking group that managed to infiltrate NVIDIA servers 2 weeks ago has now begun leaking Samsung confidential data. The group managed to obtain as much as 1 TB of data from NVIDIA servers and has already released the source code for DLSS technology. After failed ransom and lack of NVIDIA cooperation, the team is now trying to sell the stolen information to 3rd party, including a bypass for cryptocurrency mining hash rate limited.
It is not mentioned which Samsung servers did the group target specifically, but they mention the data that has been stolen from Samsung servers.
After publishing a teaser LAPSUS$ provided the following description of the stolen data:
- source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
- algorithms for all biometric unlock operations
- bootloader source code for all recent Samsung devices
- confidential source code from Qualcomm
- source code for Samsung’s activation servers
- full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services
Should this claim turn out to be true, then Samsung suffered from a major data breach that may have serious security consequences for both the company and their partners (such as Qualcomm).
Updated:10:44 AM CEST Sep,20
(new)
