This leak comes on the heels of a 20GB leak of NVIDIA data that included details of NVIDIA’s DLSS feature. Unlike the leak from NVIDIA, the Samsung leak does not have an exciting story of being “hacked back” nor references to crypto mining (at this stage). In fact, at the time of this writing, we are not even sure that Samsung was contacted by the group before the leak.
The leak is reportedly 190GB of confidential data that has been split into 3 parts. It is available via a torrent that, according to Bleeping Computer, has about 400 peers sharing it. If the description is accurate, it contains the following data:
source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
algorithms for all biometric unlock operations
bootloader source code for all recent Samsung devices
confidential source code from Qualcomm
source code for Samsung’s activation servers
full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services
This leak, if real, represents a severe breach and data loss for Samsung. It is also a danger for any users of Samsung products. There is no official word from Samsung on the veracity of the leaked data, or any information about the incident at all, other than what the Lapsus$ group itself has published. Nor has there been a detailed analysis of the leaked data to see if it stands up.
We will keep you up to date as we find out more.
Updated information - Samsung Confirms Breach