Hackers that exposed secret information from Nvidia have now turned their attention to Samsung. The hacker group known as Lapsus$ is suspected of taking 190GB of data from Samsung, including encryption and source codes for many of the company's new devices.
On Saturday, hackers launched an attack on Samsung, leaking critical data collected through the attack and making it accessible via torrent. The hackers shared the complete data in three sections in a note to their followers, as seen by Bleeping Computer, along with a text file that details the stuff available in the download.
The exposed material includes "source code from every Trusted Applet" installed on every Samsung smartphone, as per the message. It also includes "confidential Qualcomm source code," algorithms for "all biometric unlock operations," bootloader source code for the devices, and source codes for Samsung's activation servers and Samsung account authentications, including APIs and services.
In short, the Lapsus$ attack targets Samsung Github for critical data compromise: mobile defence engineering, Samsung account backend, Samsung pass backend/frontend, and SES, which includes Bixby, Smartthings, and store.
The attack on Samsung comes after the cyber organisation attempted to extort money from Nvidia in a ransom scheme. It's worth noting that it's not a straightforward monetary request. Instead, the hackers have asked Nvidia to lift the restriction on Ethereum cryptocurrency mining that it has placed on its Nvidia 30-series GPUs. Nvidia's GPU drivers must be open-sourced forever, according to the hackers.
The hackers are plainly looking for money from the disclosed data, as evidenced by the updates. For $1 million, one of them promised to sell anyone a bypass for the crypto nerf on Nvidia GPUs. Another communication from the group, according to The Verge, claimed that instead of making the data public, they are attempting to sell it straight to a buyer.
Last Monday, Nvidia confirmed the breach, acknowledging a leak of "employee credentials" and "proprietary information." It, on the other hand, disputed that the attack was linked to the ongoing Russia-Ukraine crisis and claimed that the cyberattack would have no impact on its operations.
As of currently, there are no reports of Lapsus$ demanding a similar ransom from Samsung. If they do, however, Samsung is likely to suffer a significant setback, especially given the type of data that the hacking group now claims to have access to.