Samsung confirmed on Monday that a cybersecurity attack exposed sensitive internal data including source code for Galaxy smartphones.
The group claiming responsibility for the attack, Lapsus$, is the same hacking outfit that breached Nvidia last week and leaked employee credentials and proprietary information onto the internet. In the Samsung hack, the group purportedly posted a 190GB torrent file to its Telegram channel, claiming it contains algorithms for biometric login authentication and bootloader—code that could be used to bypass some operating system controls.
Samsung disclosed the breach but didn’t confirm the identity of the hackers or the materials stolen.
[…]
After successfully breaching Nvidia, Lapsus$ blackmailed the GPU maker by threatening to release stolen internal data unless GPU drivers were made open source and Ethereum cryptocurrency mining limiters were removed from Nvidia 30-series graphics cards. The group, which is said to have members in South America and Western Europe, reportedly compromised the credentials of more than 71,000 past and current Nvidia employees.
For Samsung, the data breach arrives shortly after reports emerged claiming the company deliberately limits the performance of around 10,000 apps, including Instagram and TikTok. Samsung said its “Game Optimizing Service” was designed to balance performance and cooling, but many saw this as performance throttling and slammed the Korean tech giant for selectively excluding benchmarking apps.
[…]
Source: Samsung Galaxy Source Code Stolen in Data Breach
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft