Samsung allegedly hacked by the same group as NVIDIA, first data leaked

Published: Mar 5th 2022, 08:56 GMT   Comments

Hacking group LAPSUS$ claims to have accessed Samsung confidential data

Extortion group released a teaser with the first information exfiltrated from Samsung servers. 

The same hacking group that managed to infiltrate NVIDIA servers 2 weeks ago has now begun leaking Samsung confidential data. The group managed to obtain as much as 1 TB of data from NVIDIA servers and has already released the source code for DLSS technology. After failed ransom and lack of NVIDIA cooperation, the team is now trying to sell the stolen information to 3rd party, including a bypass for cryptocurrency mining hash rate limited.

It is not mentioned which Samsung servers did the group target specifically, but they mention the data that has been stolen from Samsung servers.

LAPSUS$ on Samsung hack, Source:@vxunderground

After publishing a teaser LAPSUS$ provided the following description of the stolen data:

  • source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
  • algorithms for all biometric unlock operations
  • bootloader source code for all recent Samsung devices
  • confidential source code from Qualcomm
  • source code for Samsung’s activation servers
  • full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services

Should this claim turn out to be true, then Samsung suffered from a major data breach that may have serious security consequences for both the company and their partners (such as Qualcomm).

With no mention of the ransom or even being engaged with Samsung in any type of communication, it appears that Samsung either failed to meet the demands of the extortion group or has declined to comply with the terms.

Many thanks to TerpMike28 for the tip!

Comment Policy
  1. Comments must be written in English and should not exceed 1000 characters.
  2. Comments deemed to be spam or solely promotional in nature will be deleted. Including a link to relevant content is permitted, but comments should be relevant to the post topic. Discussions about politics are not allowed on this website.
  3. Comments and usernames containing language or concepts that could be deemed offensive will be deleted.
  4. Comments complaining about the post subject or its source will be removed.
  5. A failure to comply with these rules will result in a warning and, in extreme cases, a ban. In addition, please note that comments that attack or harass an individual directly will result in a ban without warning.
  6. VideoCardz has never been sponsored by AMD, Intel, or NVIDIA. Users claiming otherwise will be banned.
  7. VideoCardz Moderating Team reserves the right to edit or delete any comments submitted to the site without notice.
  8. If you have any questions about the commenting policy, please let us know through the Contact Page.
Hide Comment Policy