Hacker group Lapsus$ claims to have stolen 190GB of confidential data from Samsung. This mainly involves source code for Samsung devices.
Last week, Lapsus$ claimed to have stolen 1TB of confidential data from Nvidia. In an attempt to back the claim, the criminal group published 20GB of the alleged data.
This time it’s Samsung’s turn. Lapsus$ posted a snapshot of a C/C++ directive in Samsung software. The hackers described the data as source code for Android-based Samsung devices in a follow-up. The code is used for sensitive operations, such as hardware cryptography, encryption of binaries and access control.
Additionally, Lapsus$ claims to have stolen all source code used to authorize and authenticate Samsung accounts, including APIs.
Publicity offensive
The cybercriminals launched a major initiative to publicize and distribute the data. Lapsus$ is distributing 190GB of stolen data in three files and a single torrent. The torrent has more than 400 peers. Lapsus$ claims it plans to bring in personal servers for distribution. The cybercriminals also indexed the data.
Lapsus$’s distribution indicates that the group wants to damage Samsung as uch as possible. There’s no proof connecting the threat to the Russian invasion of Ukraine. Samsung has yet to respond to the attack.