Lapsus$ gang leaks data allegedly stolen from Samsung Electronics

The Lapsus$ ransomware group claimed to have hacked Samsung Electronics and leaked alleged stolen confidential data.

The Lapsus$ ransomware gang claims to have stolen a huge trove of sensitive data from Samsung Electronics and leaked 190GB of alleged Samsung data as proof of the hack.

The gang announced the availability of the sample data on its Telegram channel and shared a Torrent file to download it. They also shared an image of the source code included in the stolen data.

Stolen data contains confidential Samsung source code, including:

• DEVICES/HARDWARE -Source code for every Trusted Applet (TA) installed on all samsung device’s TrustZone (TEE) with specific code for every type of TEE OS (QSEE, TEEGris etc). THIS INCLUDES DRM MODULES AND KEYMASTER/GATEKEEPER!
• Algorithms for all biometric unlock operations, including source code that communicates directly with sensor (down to the lowest level, we’re talking individual RX/TX bitstreams here).
• Bootloader source code for all recent Samsung devices, including Knox data and code for authentication.
• Various other data, confidential source code from Qualcomm.

If the data leak is authentic this security breach could have a severe impact on the company.

Last week, the Lapsus$ ransomware gang claimed responsibility for the cyber attack against chipmaker giant NVIDIA. The group announced to have stolen 1 TB of data from the company’s network. The ransomware gang leaked online around 20GB of data, including credentials for all Nvidia employees.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Samsung Electronics)

[adrotate banner=”5″]

[adrotate banner=”13″]