Samsung hacked: 190 gigabytes of data released

B2B Cyber ​​Security ShortNews

Share post

The Korean electronics manufacturer Samsung had to admit a data hack in which 190 GB of data were first stolen and now published. There is no user data in the data, but source codes and instructions on how Samsung protects its mobile devices internally. This could mean increased attacks on Samsung devices in the coming months.

Samsung recently admitted that there may have been a security breach related to certain internal company data. Samsung has now strengthened its cyber security. The stolen and now published data is said to contain some source codes that are used in Samsung cell phones. This should also include information on internal security measures.

Hacker group Lapsus$ captured source code

According to Samsung, the notorious hacker group Lapsus$ was the attacker. They captured 190 GB of data. For example, the group is said to have already attacked Nvidia and captured data there. However, Samsung states that the stolen data did not include any access or passwords to the customer cell phones. Nevertheless, it could be easier for attackers to attack a Samsung cell phone in the future. After all, the stolen data also contains information about the security technology of Samsung cell phones.

Lapsus$ itself may have commented on the contents of the data leak, saying it contained "Samsung confidential source code" stemming from a breach. As a list of contents they presented:

  • Source code for each Trusted Applet (TA) installed in Samsung's TrustZone environment and used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
  • Algorithms for all biometric unlock operations
  • Bootloader source code for all recent Samsung devices
  • Qualcomm confidential source code
  • Source code for Samsung's activation servers
  • Full source code for Samsung account authorization and authentication technology, including APIs and services

If the list is correct and this information is really all there, Samsung has a lot of work to do to protect users in the future. There is no detailed report on the hack from Samsung. But Bleeping Computer seems to know some technical details about the incident.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more