Hackers have Samsung Source Code
Samsung Confirms threat actors have stolen their devices source code!
It was confirmed on Monday by Samsung Electronics that their network was breached and hackers stole confidential information, including source code present in Galaxy smartphones. As first reported by BleepingComputer, the data extortion group Lapsus$, leaked at the end of last week close to 190GB of archives unfortunately claiming to have been snatched from Samsung. Just less than a week before, this same group released 20GB of archived documents from Nvidia that the attackers claimed is part of a 1TB cache of data they snatched following week-long access to the company’s network.
Lapsus$ leaked the data they claim to be from Samsung Electronics along with a description of the contents included. If this summary is actually accurate, then it seems that Tech Giant Samsung has suffered a major data breach and majority if it’s details related to technology and algorithms are now out and about in public. After a reporter reached out to Samsung, in North America and South Korea, many times seeking for a comment about the leak and the data allegedly stolen from the company did not receive any response. However, In a statement today, the company confirmed to Bloomberg that “certain internal company data” had been put out to an unauthorized party following a security breach.
“According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees” – Samsung
They have not stated if the threat actors made any demands before leaking the proprietary information, as it happened in the case of the Nvidia leak. Lapsus$ group also claimed that the reason they are delaying the leak of the the rest of the Nvidia information is because they are negotiating with a buyer. Additionally, cache leaked from Samsung is much larger and allegedly includes details about the company’s Trusted Applet in Samsung’s TrustZone environment responsible for sensitive tasks such as hardware cryptography, binary encryption, and access control. Hackers have also said, that the dump includes source code for Knox, Samsung’s proprietary security and management framework present on most of its devices.
Source:
