London Daily

Focus on the big picture.
Tuesday, May 24, 2022
LondOn!
Add Your News
Hackers leak 190GB of alleged Samsung data, Galaxy source code

Hackers leak 190GB of alleged Samsung data, Galaxy source code

The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company.

The leak comes less than a week after Lapsus$ released a 20GB document archive from 1TB of data stolen from Nvidia GPU designer.

Gang teases Samsung data leak


In a note posted earlier today, the extortion gang teased about releasing Samsung data with a snapshot of C/C++ directives in Samsung software.


Shortly after teasing their followers, Lapsus$ published a description of the upcoming leak, saying that it contains “confidential Samsung source code” originating from a breach.

*  source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)

*  algorithms for all biometric unlock operations

*  bootloader source code for all recent Samsung devices

*  confidential source code from Qualcomm

*  source code for Samsung’s activation servers

*  full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services

If the details above are accurate, Samsung has suffered a major data breach that could cause huge damage to the company.

Lapsus$ split the leaked data in three compressed files that add to almost 190GB and made them available in a torrent that appears to be highly popular, with more than 400 peers sharing the content. The extortion group also said that it would deploy more servers to increase the download speed.


Included in the torrent is also a brief description for the content available in each of the three archives:

*  Part 1 contains a dump of source code and related data about Security/Defense/Knox/Bootloader/TrustedApps and various other items

*  Part 2 contains a dump of source code and related data about device security and encryption

*  Part 3 contains various repositories from Samsung Github: mobile defense engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, store)

It is unclear if Lapsus$ contacted Samsung for a ransom, as they claimed in the case of Nvidia.

BleepingComputer has contacted Samsung for a statement about the Lapsus$ data leak and will update the article when the company replies.

Comments
Add comment
Oh ya 77 days ago
But don't worry your crypto is safe. Bhaaaaa. If you don't hold it you don't own it.
View all comments (1)Add comment
Newsletter
Related Articles

Bank of England not to blame for soaring inflation, says governor

Andrew Bailey defends response to Covid pandemic and indicates Bank will not take aggressive approach to raising interest rates

‘One-sided’: unionists react with scorn as US delegation arrives in Ireland

Cross-party group aiming to shore up support for NI protocol is welcomed in Dublin, but DUP meeting expected to be frosty

Britons cut spending on streaming services amid cost-of-living squeeze

Fewer card and direct debit transactions made between 1 and 30 April, says Nationwide

Queen arrives in buggy to tour gardens at Chelsea flower show

The monarch was chauffeured around the Royal Horticultural Society event in London

Children struck by school bus in Welsh village

Pupils and bus driver taken to hospital as a result of after-school collision in Llanfair Caereinion

Zuckerberg sued by DC attorney general over Cambridge Analytica data scandal

Karl Racine accuses Facebook co-founder of direct knowledge of policies that allowed firm to gather data of millions of Americans

Johnson faces fresh claims he lied to MPs as new Partygate photos emerge

Images obtained by ITV News reveal table strewn with bottles at leaving do for a senior aide in November 2020

Latest Boris Johnson photos bring Partygate scandal back into focus

Analysis: Images leaked to ITV News make PM’s life difficult again and could further damage his reputation

Racism in UK maternity care risks safety of Black, Asian and mixed ethnicity women – study

Participants in charity’s year-long inquiry describe being ignored and feeling patronised and dehumanised

Monkeypox cases in UK more than double to 57

Scotland confirms first case as health officials say outbreak is ‘significant and concerning’ but poses low risk

Office for Students chair speaks at same event as denounced racist

Tory leaders urged to investigate after James Wharton appears at Cpac Hungary on same day as Zsolt Bayer
London Daily
Add Your News
×