Samsung has been hacked!
Samsung confirmed that the company has been hacked. But unfortunately Samsung is not sharing any further information. We don’t know who is behind this attack, nor what data was stolen exactly.
More TechInDeep News:
Samsung has been hacked by Lapsu$?
It seems like the group responsible for hacking NVidia is the same one that hacked Samsung as well. Please note that this is unconfirmed information. It looks like the goal of the attack was aiming towards the secret source code for Samsung devices.
To the relief to millions worried Samsung users, the hackers did not steal any personal data. Samsung did release an official statement:
“We were recently made aware that there was a security breach relating to certain internal company data. Immediately after discovering the incident, we strengthened our security system. According to our initial analysis, the breach involves some source codes relating to the operation of Galaxy devices but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
Like we mentioned earlier, the South American hacker group going under the name of Lapsus$ is responsible for the attack. This group of hackers was noticed the first time after hacking NVidia. They did release 20GB of data from the 1TB that was stolen.
What has been leaked?
Lapsus$ did post the stolen data from Samsung online. We are talking about 190GB of confidential information that was never intended to be leaked to the general public. One of the modules leaked online was the source code for the bootloader which is being used in the newer Samsung devices. The hacker group did post the torrent on their Telegram channel.
The hackers were able to obtain the source code for Samsung’s activation servers, and confidential source code from Qualcomm.
According to BleepingComputer every Trusted Applet installed in the TrustZone environment is leaked. And not only that, but the algorithms for biometric inlock operations are available as well. Even though Samsung has been hacked, there might not be any room for panic.
The most worrisome part of the hack is the now publicly available source code that Samsung uses to authorize and authenticate users. And even worst is the fact that the hackers claim that they have the source code for Knox. This is the Samsung’s security platform that is used by all the Galaxy devices.
The 190GB leaked data was split into three compressed files. Right now all of this information is available to download as a single torrent file. Currently there are not a lot of peers (as of now there are around 400 peers sharing the content) to share the stolen data. But, the group did threaten to add more.
The question on everyone mind is: Will the hackers try to blackmail Samsung? Will they go the same route as they did with the NVidia hack? They did refrain form releasing even more files from the NVidia hack, because they were ongoing negotiations with an interested buyer.
More TechInDeep Tutorials:
- How to make Moving Images on Your Phone
- How to unsend an Email from GMail
- How to fix Scroll Lag on Your Browser
- How to download Instagram Image
Could this happen again?
This is not the first time Samsung has been hacked. Right now we don’t have any information if the hackers did contacted Samsung and ask for money before the data was published. This could be a huge deal for Samsung, because the data in question contains not only confidential company information, but impactful source code as well.
Obviously a source code is not something the company wants to have out there. Although the hack does contain a lot of data, thankfully it doesn’t appear the hackers were able to steal any user data. So if you are a Samsung customer, your information should be safe.
Our best guess is that we will get more info in the upcoming days. Despite multiple outreaches, Samsung has not responded to the validity of the leak just yet. We’ll have to wait and see if the company addresses the situation or not.