Lapsus$ Group Leaks Alleged Samsung Confidential Data

Lapsus$ now holds a collection of confidential data from the South Korean tech giant Samsung, and the group has recently leaked that data to the public.

Lapsus$ first made headlines last month when they hacked NVIDIA. The ransomware gang compromised NVIDIA's sensitive employee information and proprietary information, threatening to leak the data if their demands were not met.

Lapsus$ Leaks Samsung Data

It has been reported that Lapsus$ leaked 190 GB of data from Samsung. Before the leak, Lapsus$ teased their audience with a screenshot of C/C++ directives in Samsung software.

Lapsus$ published a description of the upcoming leak shortly after teasing their followers, claiming that it contains "confidential Samsung source code" that was obtained through the recent breach.

As written by Bleeping Computer, here are the descriptions of the data that Lapsus$ holds:

  • Every Trusted Applet (TA) installed in Samsung's TrustZone environment that is used for sensitive operations has its source code available (e.g. hardware cryptography, binary encryption, access control).
  • Algorithms intended for all the biometric unlock operations.
  • The bootloader source code for all recent Samsung devices is available here.
  • Qualcomm has provided confidential source code.
  • Samsung's activation servers' source code can be found here.
  • Complete source code for the technology that is used for authorizing and authenticating Samsung accounts, as well as APIs and other services.

If the group's claims about the data prove true, Samsung has suffered a massive security breach. The leaked data, which has been divided into three compressed files, totals nearly 190GB.

Lapsus$ made the content available in a torrent that appears to be extremely popular. The group also stated that it would deploy more servers to increase the download speed.

The Samsung folders that Lapsus$ holds contain source code and related data about security, defense, Knox, bootloader, and trusted apps.

In addition, it was also reported that the leaked information contains "various repositories from Samsung Github: mobile defense engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, store)".

As of writing, it is not yet clear whether Lapsus$ reached out to Samsung to ransom the stolen data.

Lapsus$ Attack on NVIDIA

The computer technology company NVIDIA confirmed that their internal systems were compromised in a breach on February 23. The breach happened just one day before the political conflict in Eastern Europe started.

The cyber group was able to seize information from 71,000 employees of NVIDIA. The compromised data is reported to have confidential information about the tech company's software and hardware.

Lapsus$ stated that they were able to seize 1TB of data from the company.

NVIDIA was aware of the attack as it unfolded and took action to prevent further infiltration of data. However, the hackers moved swiftly, and the company's attempt to cushion the data breach was unsuccessful.

Lapsus$ stated the following:

"We decided to help mining and gaming community, we want nvidia to push an update for all 30 series firmware that remove every lhr limitations otherwise we will leak hw folder. If they remove the lhr we will forget about the hw folder (it's a big folder). We both know lhr impact mining and gaming."

Aside from that, Lapsus$ demanded that NVIDIA provide open-source GPU drivers for Windows, macOS, and Linux. The group also issued an ultimatum, giving NVIDIA until Friday (March 4) to open-source them.

As reported previously, the leaked data contains the AD100 architecture. The data revealed that the company intends to use the AD102, AD103, AD104, AD106, AD107, and AD10B chips to build the next generation of GeForce GPUs.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.
