Hackers leak 190GB of alleged Samsung data, source code

Data extortion group Lapsus$ today leaked a huge collection of confidential data they claim is from Samsung Electronics, the South Korean consumer electronics giant.

The leak comes less than a week after Lapsus$ released a 20GB document archive from 1TB of data stolen from GPU designer Nvidia.

Gang teases Samsung data leak

In a note posted earlier today, the extortion gang mocked Samsung’s data release with a snapshot of C/C++ directives in Samsung software.

Lapsus$ Extortion Group Teases Samsung Data Leak

Shortly after teasing their followers, Lapsus$ posted a description of the upcoming leak, claiming it contains “confidential Samsung source code” from a breach.

  • source code for each trust applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
  • algorithms for all biometric unlocking operations
  • bootloader source code for all recent samsung devices
  • Qualcomm confidential source code
  • source code for samsung activation servers
  • complete source code of the technology used to authorize and authenticate Samsung accounts, including APIs and services

If the above details are correct, Samsung has suffered a major data breach that could cause huge damage to the company.

Lapsus$ split the leaked data into three compressed files that add up to nearly 190GB and made them available in a torrent that appears to be very popular, with over 400 peers sharing the content. The extortion group also said it will deploy more servers to increase download speed.

Lapsus$ torrent for Samsung data leak

The torrent also includes a brief description of the content available in each of the three archives:

  • Part 1 contains a dump of source code and associated data on Security/Defense/Knox/Bootloader/TrustedApps and various other items
  • Part 2 contains a dump of the source code and associated data on device security and encryption
  • Part 3 contains various repositories from Samsung Github: Mobile Defense Engineering, Samsung Account Backend, Samsung Pass Backend/Frontend and SES (Bixby, Smartthings, Store)

It’s unclear if Lapsus$ contacted Samsung for a ransom, as they claimed in the Nvidia case.

BleepingComputer has contacted Samsung for a statement on the Lapsus$ data leak and will update the article when the company responds.

It’s a developing story

Previous Copyright Office ruling exposes AI and NFT issues
Next Elden Ring has Steam Cloud save issues on PC – Eurogamer.net