Hackers leak 190GB of alleged Samsung data, source code

The Lapsus$ knowledge extortion group leaked now a big assortment of private knowledge they claim to be from Samsung Electronics, the South Korean large shopper electronics enterprise.

The leak will come considerably less than a 7 days following Lapsus$ released a 20GB doc archive from 1TB of knowledge stolen from Nvidia GPU designer.

Gang teases Samsung info leak

In a take note posted previously currently, the extortion gang teased about releasing Samsung info with a snapshot of C/C++ directives in Samsung program.

Lapsus$ extortion group teasing Samsung data leak

Shortly soon after teasing their followers, Lapsus$ posted a description of the impending leak, stating that it contains “confidential Samsung resource code” originating from a breach.

  • resource code for each and every Trusted Applet (TA) installed in Samsung’s TrustZone natural environment employed for sensitive functions (e.g. hardware cryptography, binary encryption, accessibility management)
  • algorithms for all biometric unlock functions
  • bootloader supply code for all recent Samsung gadgets
  • private resource code from Qualcomm
  • source code for Samsung’s activation servers
  • full supply code for technologies employed for authorizing and authenticating Samsung accounts, together with APIs and products and services

If the facts higher than are accurate, Samsung has experienced a key knowledge breach that could result in substantial destruction to the organization.

Lapsus$ break up the leaked facts in a few compressed information that include to just about 190GB and made them accessible in a torrent that appears to be hugely well-liked, with a lot more than 400 peers sharing the material. The extortion team also mentioned that it would deploy additional servers to boost the download pace.

Lapsus$ torrent for the Samsung data leak

Bundled in the torrent is also a temporary description for the content available in each of the 3 archives:

  • Component 1 incorporates a dump of source code and similar data about Stability/Protection/Knox/Bootloader/TrustedApps and different other goods
  • Aspect 2 incorporates a dump of source code and associated data about system security and encryption
  • Aspect 3 includes a variety of repositories from Samsung Github: cellular protection engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, retail outlet)

It is unclear if Lapsus$ contacted Samsung for a ransom, as they claimed in the situation of Nvidia.

BleepingComputer has contacted Samsung for a assertion about the Lapsus$ details leak and will update the short article when the company replies.

This is creating tale