Hackers leak 190GB of alleged Samsung data

Hackers leak 190GB of alleged Samsung data (Including algorithms & Source code)

UPDATE: Samsung has confirmed hackers have captured source code. Read more over at Bloomberg.

Apple, Samsung, and Zebra devices run the enterprise. Unfortunately, ccording to Bleeping Computer, Lapsus$, who previously leaked some data from Nvidia last week, has posted a screenshot of data from alleged Samsung data.

Lapsus$ claims that the upcoming full leak contains "confidential Samsung source code" including:

• source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
• algorithms for all biometric unlock operations
• bootloader source code for all recent Samsung devices
• confidential source code from Qualcomm
• source code for Samsung’s activation servers
• full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services

Teams handling mobility / mobile infrastructure will need to make sure that they are on high alert as BC reports that 400 peers were sharing the 3 part data torrent with the source code to devices you may have deployed. I'm sure other hacking groups are looking to see what exploits can be taken advantage of at this time.

A remote attacker (or even a physical attack if a Samsung device is found) can give a hacker direct access to your company network by evading any standby/wake up password verification.

Head on over to Bleeping Computer for more information on this developing story.

Further reading:
https://www.androidpolice.com/hackers-leak-190-gb-of-samsung-data-including-source-code/