After NVIDIA, Samsung Are The Next Victims Of Data Theft

Samsung emerges as the latest victim of data theft. Reportedly, the same attackers who targeted NVIDIA now claimed to have stolen Samsung’s source code and other confidential information.

Samsung Data Theft And Leak

According to Bleeping Computer, the LAPSUS$ ransomware gang has recently shared teasers regarding the Samsung data theft.

As reported, the threat actors have hinted at hacking Samsung’s network and stealing sensitive data. This claim arrived almost a week after the same hacking group targeted NVIDIA.

Specifically, the hackers claimed to have stolen 190GB of confidential information, including Samsung’s source code for every Trusted Applet (TA) in Samsung’s TrustZone, bootloader, activation servers, and Samsung account authentication and authorizing APIs and servers. Besides these source codes, the stolen information also includes biometric unlock function algorithms and other confidential details.

The attackers even shared screenshots of C/C++ directives in Samsung software to back their claim. Later, they dumped the data (divided into three separate files) on torrent. The hackers even pledged to add more servers to boost download speeds.

What To Expect From Samsung?

In the case of NVIDIA, the firm initially released a carefully worded statement regarding the incident. But later, they confirmed to have suffered an impact on employee credentials following this incident. While they ruled out ransomware involvement, the community could see a ransom demand from the attackers.

Specifically, the attackers asked NVIDIA to open-source their drivers and remove rate-limits from their GPUs to facilitate crypto mining.

For now, it remains unclear if NVIDIA would ever do that. But such a demand, amidst the ongoing Samsung cyberattack, hints how the attackers would blackmail Samsung as well. So even if the Korean giant won’t have to pay the huge ransom, they might receive similar demands with even more profound and long-term effects.

So far since writing this story, Samsung hasn’t released an official statement in this regard.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients