The hack was performed by Lapsus$, which comes shortly after the group stole a whopping 1TB of data from Nvidia, of which the group released 20GB in a document.
This time, Lapsus$ released the data through a torrent with more than 400 peers sharing the content. It’s not clear at this point if the group asked Samsung for ransom before it released the data. The group said the leak contains “confidential Samsung source code,” which is obviously not something the company wants to have out there.
According to BleepingComputer, the leak contains source code for every Trusted Applet installed in the TrustZone environment, algorithms for all biometric unlock operations, bootloader source code for all recent Samsung devices, confidential code from Qualcomm, source code for Samsung’s activation servers, and complete source code for technology used for authorizing and authenticating Samsung accounts.
That’s a lot of data, but thankfully, it doesn’t appear the hackers were able to steal any user data, so if you’re a Samsung customer, your information should be safe.
Samsung hasn’t responded to the validity of the leak yet despite multiple outlets reaching out to the firm for comment. We’ll have to wait and see if the company addresses the situation or not.
