Nvidia hackers hit Samsung and leak huge data dump

Data Breach
(Image credit: Shutterstock)

The increasingly-notorious cybercrime group Lapsus$ has published a huge database, allegedly containing sensitive information from Samsung

The leak, containing 190GB of data broken into three separate databases, was released via torrent. 

Lapsus$ says the databases contain the source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations; algorithms for all biometric unlock operations; bootloader source code for all recent Samsung devices; confidential source code from Qualcomm; source code for Samsung’s activation servers; full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services.

TechRadar needs yo...

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.

>> Click here to start the survey in a new window <<

No confirmation, no ransom demands

The authenticity of the information has not been confirmed and Samsung has been silent on the matter. 

Still, should these files turn out to be authentic, it would mean that the company has suffered a breach of epic proportions, with potentially huge repercussions.

The torrent containing these files has already been downloaded by at least 400 peers, BleepingComputer reports, while Lapsus$ says it will be deploying more servers to increase the download speed. 

Samsung has also been asked to confirm if the threat actor demanded any ransom in exchange for keeping the data private.

Lapsus$ has been quite active recently, claiming responsibility for a major recent attack against Nvidia, where it claims it stole a terabyte of sensitive data.

Among the data were login credentials, and other identity-related information, on more than 70,000 Nvidia employees. Furthermore, the group alleged it stole intel that helped it create a tool that removes the hash rate blocker on the company’s latest GPU devices.

Nvidia has placed a limiter on its RTX 3000 GPU, to discourage Ethereum miners from gobbling up the entire supply. The tool was up for sale for $1 million, but whether or not it works as intended, or if it’s just another virus, is anyone’s guess.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.