The Korean electronics manufacturer Samsung had to admit a data hack in which 190 GB of data were first stolen and now published. There is no user data in the data, but source codes and instructions on how Samsung protects its mobile devices internally. This could mean increased attacks on Samsung devices in the coming months.
Samsung recently admitted that there may have been a security breach related to certain internal company data. Samsung has now strengthened its cyber security. The stolen and now published data is said to contain some source codes that are used in Samsung cell phones. This should also include information on internal security measures.
Hacker group Lapsus$ captured source code
According to Samsung, the notorious hacker group Lapsus$ was the attacker. They captured 190 GB of data. For example, the group is said to have already attacked Nvidia and captured data there. However, Samsung states that the stolen data did not include any access or passwords to the customer cell phones. Nevertheless, it could be easier for attackers to attack a Samsung cell phone in the future. After all, the stolen data also contains information about the security technology of Samsung cell phones.
Lapsus$ itself may have commented on the contents of the data leak, saying it contained "Samsung confidential source code" stemming from a breach. As a list of contents they presented:
- Source code for each Trusted Applet (TA) installed in Samsung's TrustZone environment and used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
- Algorithms for all biometric unlock operations
- Bootloader source code for all recent Samsung devices
- Qualcomm confidential source code
- Source code for Samsung's activation servers
- Full source code for Samsung account authorization and authentication technology, including APIs and services
If the list is correct and this information is really all there, Samsung has a lot of work to do to protect users in the future. There is no detailed report on the hack from Samsung. But Bleeping Computer seems to know some technical details about the incident.