Samsung confirms cyberattack, says internal data leaked

Date:
Tue, 08 Mar 2022 12:30:14 +0000

Description:
Some "source code for Samsung Galaxy devices taken, company confirms.

FULL STORY ======================================================================

Samsung has confirmed it has been hit by a data breach , but said no employee or customer data was impacted.

The Lapsus$ cybercrime gang recently published a 190GB-heavy data dump of intel allegedly belonging to company which included a host of confidential
and valuable technical data.

Having initially stayed silent following Lapsus$'s declaration, Samsung has now confirmed the breach did take place, but refused to go into much detail about exactly what information was affected.

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a 100 Amazon gift card (or equivalent in USD). Thank you for taking part.

Click here to start the survey in a new window << Samsung security breach

There was a security breach relating to certain internal company data,
Samsung said in a statement.

According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the
personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption."

Samsung added that it doesnt expect its operations to be too disrupted by the incident.

Among the data Lapsus$ claimed to have taken is the source code for every Trusted Applet (TA) installed in Samsungs TrustZone environment used for sensitive operations; algorithms for all biometric unlock operations; bootloader source code for all recent Samsung devices; confidential source code from Qualcomm; source code for Samsungs activation servers; full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services. Read more

Hackers threaten to turn every Nvidia GPU into a Bitcoin mining machine

Stolen Nvidia code signing certificates used to sign off malware

Hackers demanding million-dollar prize for leaked Nvidia GPU mining bypass

It's also not known if Lapsus$ made any ransom demands for the data.

The torrent containing these files has already been downloaded by at least
400 peers, while Lapsus$ says it will be deploying more servers to increase the download speed.

The threat actor is quickly making a name for itself after it stole a
terabyte of sensitive data from Nvidia , and is allegedly currently negotiating with a potential buyer.

Among the data stolen from the GPU giant were login credentials, and other identity-related information, on more than 70,000 Nvidia employees . Furthermore, the group alleged it stole intel that helped it create a tool that removes the hash rate blocker on the companys latest GPU devices.

Nvidia has placed a limiter on its RTX 3000 GPU, to discourage Ethereum
miners from gobbling up the entire supply. The tool was up for sale for $1 million, but whether or not it works as intended, or if its just another virus, is anyones guess. Heres our list of the best firewalls right now

Via: BleepingComputer



======================================================================
Link to news story: https://www.techradar.com/news/samsung-hacked-galaxy-phones-leaked/


--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)