Hackers leak 190GB of data allegedly from Samsung, includes source code and biometric unlocking algorithms

[zipping]

https://www.hardwarezone.com.sg/tech-news-hacker-leak-190gb-samsung-data-source-code-security

Hackers leak 190GB of data allegedly from Samsung, includes source code and biometric unlocking algorithms

By Kenny Yeo - on 7 Mar 2022, 9:48am

(Image source: Samsung)

The Lapsus$ hacking group has just leaked a huge collection of data that they claim to be from Samsung.

The leaked data is presently being shared on a torrent and is presented as three compressed files that amount to nearly 190GB. At the time of writing, the report says they are more than 400 peers sharing the file.

And earlier, the group posted a screenshot with C/C++ directives in a Samsung software earlier. And according to the group, the torrent contains data of the following:

Source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)

Algorithms for all biometric unlock operations

Bootloader source code for all recent Samsung devices

Confidential source code from Qualcomm

Source code for Samsung’s activation servers

Full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services

If it looks bad, that's because it is. If the claims are accurate, Samsung is looking at a major breach that could cause substantial damage to the company.

Lapsus$ is the same group behind the recent NVIDIA breach. They are demanding the graphics giant remove limitations on cryptocurrency mining or they will leak the company's source code.

However, it is unknown at this time if they have made similar demands of Samsung.

In a statement to The Korea Herald, Samsung says it is investigating the incident.

Most recently, Samsung was caught throttling the performance of some apps.

Source: BleepingComputer

 

https://www.techspot.com/news/93663-nvidia-hackers-leak-190gb-sensitive-data-samsung.html

Nvidia hackers leak 190GB of sensitive data from Samsung

The leaks includes Samsung's encryption data and source code

By Vann Vicente March 6, 2022, 10:12 AM

 

What just happened? Lapsus$, a hacking group that leaked confidential information from Nvidia just last week, has reportedly moved to a new target: Samsung. The hackers have claimed an attack that leaked 190GB of confidential information from the South Korean technology giant, including encryption data and source code for Samsung's most recent devices.

The hackers behind the Nvidia security breach are setting their sights on the biggest tech companies in the world. Last week, South American hacker group Lapsus$ claimed to have perpetrated a major hacking attack on Nvidia, stealing over 1TB of information and holding it ransom. The Telegraph reported that Nvidia's internal systems were "completely compromised."

On Saturday, the hackers leaked nearly 190GB of data from Samsung, subsequently publishing the files through torrent. This reportedly includes sensitive information that may be used to compromise Samsung devices.

The publication vx-underground, which tracks information about malware across the web, tweeted a message that Lapsus$ released to their followers. It alleges that the hack includes "source code from every Trusted Applet installed on all Samsung devices" and "confidential source code from Qualcomm."

The leak also purportedly includes the algorithms for biometric unlock operations and the source code for Samsung Accounts, a login service associated with Samsung's mobile devices.

According to Bleeping Computer, the torrent has been shared by more than 400 peers, and includes a text file that describes the content available in the download:

"Part 1 contains a dump of source code and related data about Security/Defense/Knox/Bootloader/TrustedApps and various other items

Part 2 contains a dump of source code and related data about device security and encryption

Part 3 contains various repositories from Samsung Github: mobile defense engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, store)"

The Nvidia hack was reported to be a ransom plot, with the hackers threatening to leak Nvidia's mining limiter bypass algorithm. Lapsus$ claimed that Nvidia hacked them back but maintained that they still had a copy of Nvidia's confidential data.

Currently, there is no information about an extortion plot associated with the Samsung incident, with all files in the hack being released simultaneously. It is unknown if Lapsus$ has attempted to extort Samsung for a ransom.

Samsung has yet to respond to the security breach.

Edited March 7, 2022 by zipping

[Mustank]

Hope they don’t hack my taobao account

[Watwheels]

I think scammers/hackers will soon hack into many ppl's smartphone. 

Remove your CC from your ewallets and change to Apple phones. 😆

[Atrecord]

WTF!!!

i just ordered a new samsung phone...

 

[macrosszero]

190gb sounds like a big deal until people realize that most databases such as my work email is filled with useless media that people mindlessly quote.

That being said though, the hack itself is nothing to be scoffed at - even just 2gb of data could be enough to cause great harm.

[Soya]

Skali one day MCF may oso kena hack

We'll know it when babyblade suddenly become as fierce as hantu radX

Or T2 advocate taking loan

Liddat confirm kena hack

 

[Ct3833]

3 hours ago, Atrecord said:

WTF!!!

i just ordered a new samsung phone...

 

Let me guess, S22 Ultra ? 😅

[BanCoe]

I just bought Samsung TV with soundbar ……. Hope my guarantee gets extended to like year 2030 instead of current 3 years only 

[Atrecord]

3 hours ago, Ct3833 said:

Let me guess, S22 Ultra ? 😅

ok, can go buy 4D liao...

[Ct3833]

15 minutes ago, Atrecord said:

ok, can go buy 4D liao...

Let me guess again,  you are getting the 512GB one? 🤣

Do share your experience once you receive it. Am tempting to replace my note 9 too. Fortunately this is an easier  discussion than changing car. 😃😃

Edited March 7, 2022 by Ct3833

[Windwaver]

Time to switch over to Xiaomi phones 

[Atrecord]

17 hours ago, Ct3833 said:

Let me guess again,  you are getting the 512GB one? 🤣

Do share your experience once you receive it. Am tempting to replace my note 9 too. Fortunately this is an easier  discussion than changing car. 😃😃

aiyah... this time only half right. i wanted the 512... but waited too long till only left 256...

why, cos i upset with singtel. with them >2 decades, dun value loyal customers. asked them for voucher, wah so stingy and slow - ding dong ding dong 2-3 weeks then give me $100... 

i was si bey tempted to jump ship go outside take a no-contract cheap cheap plan and port my number over... was looking at CM $10 plan... The idea is after a week of jumping ship, then come back singtel to sign as new line, then can get $200 off... was thinking still worth it mah...

but sian, son was injured and then caught covid, so was busy the last 3 wk... in the end heck, didn't take the trouble, and just went with singtel...

my note 9 the s pen cannot connect with the phone to use as remote control for taking photo leh... hardly used this, but wanted to during CNY... dunno what happened...

[Windwaver]

Just bought a Poco F3 for my dad, he says need faster speed to watch videos 

[Windwaver]

45 minutes ago, Atrecord said:

aiyah... this time only half right. i wanted the 512... but waited too long till only left 256...

why, cos i upset with singtel. with them >2 decades, dun value loyal customers. asked them for voucher, wah so stingy and slow - ding dong ding dong 2-3 weeks then give me $100... 

i was si bey tempted to jump ship go outside take a no-contract cheap cheap plan and port my number over... was looking at CM $10 plan... The idea is after a week of jumping ship, then come back singtel to sign as new line, then can get $200 off... was thinking still worth it mah...

but sian, son was injured and then caught covid, so was busy the last 3 wk... in the end heck, didn't take the trouble, and just went with singtel...

my note 9 the s pen cannot connect with the phone to use as remote control for taking photo leh... hardly used this, but wanted to during CNY... dunno what happened...

Aiya, all these tech stuff secondary, family more important.

Having said that, I've been a Note fan too but since Note 9, I just find that it's getting OP.

Just like the Poco F3 8/256GB I just bought (above) for my dad, less than $420 with casing and glass protector.

 

[Mustank]

Better don’t hack dangerous people things 

wait serious shit

 

[Ct3833]

1 hour ago, Atrecord said:

aiyah... this time only half right. i wanted the 512... but waited too long till only left 256...

why, cos i upset with singtel. with them >2 decades, dun value loyal customers. asked them for voucher, wah so stingy and slow - ding dong ding dong 2-3 weeks then give me $100... 

i was si bey tempted to jump ship go outside take a no-contract cheap cheap plan and port my number over... was looking at CM $10 plan... The idea is after a week of jumping ship, then come back singtel to sign as new line, then can get $200 off... was thinking still worth it mah...

but sian, son was injured and then caught covid, so was busy the last 3 wk... in the end heck, didn't take the trouble, and just went with singtel...

my note 9 the s pen cannot connect with the phone to use as remote control for taking photo leh... hardly used this, but wanted to during CNY... dunno what happened...

Understand your predicament. Hope your boy is ok now and covid is over at your end by now.  Sometimes when a problem Can be solved by money , just pay and move on, you would end up happier.

[Atrecord]

15 hours ago, Windwaver said:

Aiya, all these tech stuff secondary, family more important.

Having said that, I've been a Note fan too but since Note 9, I just find that it's getting OP.

Just like the Poco F3 8/256GB I just bought (above) for my dad, less than $420 with casing and glass protector.

Yup - tks.

That's why didn't follow up closely during the period, and only made the decision when son was better.

Didn't know about the Poco. Is it good? I just passed my old Note 8 to my father. Except that the batt life isn't great now, the phone should otherwise be more than enough for him.

[Atrecord]

15 hours ago, Ct3833 said:

Understand your predicament. Hope your boy is ok now and covid is over at your end by now.  Sometimes when a problem Can be solved by money , just pay and move on, you would end up happier.

Thanks! Yes, he's tested negative 10 days ago, and had gone back to classes, even though his injury is still healing - and requires help with some daily tasks.

And exactly, in the end, i figured i didn't have the energy to save that $100 or so... so took the easy way out...

Now waiting for the delivery next week. Not sure what's the voucher that's given as part of the pre-order thingy... if it's samsung vouchers, then might use it get a cover - else i'll order one first and hope delivery will not take too long...