NVIDIA isn’t the only corporate tech giant that has been breached by ransomware group Lapsus$, according to a tweet from vx-underground, which has shared some screenshots that indicate Samsung has become the hackers’ latest victim. One of the images is of a Telegram announcement, in which the group declares that it will begin leaking all sorts of data stolen from the company, including algorithms for biometric unlock operations, source code for accounts and activation servers, and even confidential code from Qualcomm. Another image shows a sample of the proprietary source code that’s been lifted by the Lapsus$ group.
LAPSUS$ extortion group have successfully breached both NVIDIA & Samsung.
— vx-underground (@vxunderground) March 4, 2022
-March 1st: They demand NVIDIA open-source its drivers, or else they will
-March 4th: LAPSUS$ released Samsung proprietary source code.
See attached images for more details directly from LAPSUS$ pic.twitter.com/U3VD7R2KRl
SAMSUNG LEAK IS HERE! (Lapsus$)
Now leaking confidential Samsung source code! Our leak from breach includes:
DEVICES/HARDWARE
- Source code for every Trusted Applet (TA) installed on all samsung device’s TrustZone (TEE) with specific code for every type of TEE OS (QSEE, TEEGris etc) THIS INCLUDES DRM MODULES AND KEYMASTER/GATEKEEPER!
- Algorithms for all biometric unlock operations, including source code that communicates directly with sensor (down to the lowest level, we’re talking individual RX/TX bitstreams here)
- Bootloader source code for all recent Samsung devices, including Knox data and code for authentication.
- Various other data, confidential source code from Qualcomm.
ONLINE SERVICES
- Samsung activation servers source code (for first-time setup)
- SAMSUNG ACCOUNTS FULL SOURCE CODE! Including Authentication, Identity, API, Services, and many more that wouldn’t fit here!
- Various other data.