Lapsus hacker group which has recently hacked NVIDIA and leaked its user information, other internal tools, and software source code now claimed to hack Samsung Network.
Just an hour ago, the LAPSUS group posted the update on hacking Samsung and leaked Samsung's confidential source code including other confidential data too. Hacker release the hacked data in a torrent file, which have a readme.txt file. Approx 195 GB of data has been leaked by hackers.
Part 1 contains a dump of source code and related data about Security/Defense/Knox/Bootloader/TrustedApps and various other items.
Part 2 contains a dump of source code and related data about device security and encryption-related stuff.
Part 3 contains various repositories from Samsung Github. Including Mobile defence engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, store, etc)
Parts, 1 and 2 also contain highly confidential data from mobile chipmaker giants Qualcomm and various other Samsung partners. What data has been leaked from Qualcomm and which partners, the hackers are talking about is yet to see.
Additionally, hackers categorize the leaks which contain-
Devices & Hardware category
- Source code for every Trusted Applet (TA) installed on all Samsung devices TrustZone (TEE) with specific code for every type of TEE OS (QSEE, TEEGris, etc). This also includes DRM Modules and KEYMASTER/GATEKEEPER source codes.
- Algorithms for all biometric unlock operations, including source code that communicates directly with the sensor
- Bootloader source code for all recent Samsung devices, including Knox data and code for authentication
- Various other data, confidential source code from Qualcomm
Online Services category
- Samsung activation servers source code which was mainly used for first-time setup of the device.
- Full Source code of Samsung Accounts which includes Authentication, Identity, API, Services, and many more.
- Various miscellaneous confidential data