Samsung confirms hack, some Galaxy source code was stolen
Samsung confirmed the security breach to Bloomberg on Monday, after 190GB+ of data leaked by hacker group named Lapsus$.

Samsung confirmed the security breach to Bloomberg on Monday, a breach in which internal company data and source code for software for the Galaxy smartphones were stolen. The company assures that no personal data was leaked (not for employees and not for customers) and that measures have been taken to prevent further breaches.

Samsung did not identify the perpetrators, but it appears that it is LAPSUS$, the same hacking group that stole proprietary information from Nvidia last week.

A 190GB+ torrent was posted to the group’s Telegram channel on Friday, which allegedly contains source code for the bootloader and biometric authentication systems on Galaxy devices.

The stolen data also allegedly includes confidential data from U.S. chipmaker Qualcomm, which supplies chipsets for Samsung smartphones sold in the United States.

Access to source code can help threat actors find security vulnerabilities that otherwise might not be easily found, potentially opening affected devices or systems to exploitation or data exfiltration.

It’s not yet clear whether Lapsus$ demanded a ransom from Samsung before leaking the data, as it did with increasingly bizarre demands aimed at Nvidia. The gang called on the U.S. chipmaker to disable its controversial Lite Hash Rate (LHR) feature and demanded it open source its graphics chip drivers for Windows, macOS and Linux devices.

That deadline came and went on Friday, but the hacking group has yet to follow through with its threat.

Leave a Comment

Your email address will not be published.

Scroll to Top
Share to...