Samsung Office

Nvidia hackers leak 190GB of data allegedly stolen from Samsung

The LAPSUS$ hacking group claims to have breached the tech giant to steal internal data and source code
Image: Shutterstock via Dennis

7 March 2022

Lapsus$, the hacking group responsible for the recent Nvidia hack, claim to have breached tech giant Samsung to steal almost 200GB of sensitive data.

Among the 190GB trove of exposed files is source code for Samsung’s activation servers, bootloaders and biometric unlock algorithms for all recently released Samsung devices, and trusted applets for Samsung’s TrustZone environment. Confidential source code belonging to Qualcomm is also believed to be among the leaked data

Members of the Lapsus$ hacking group have claimed responsibility for the data breach, posting details of the obtained data in a Telegram channel and telling other members to “enjoy” the contents which have been made available to download over Torrent.




According to the message, the hackers also managed to obtain “various other data”, yet the elements listed could place Samsung device users in immediate threat of being hacked or impersonated by cyber criminals.

For instance, the trusted applets (TA) source codes obtained by Lapsus$ are installed in Samsung’s Trusted Execution Environment (TEE) known as TrustZone, meaning that the hackers – and everyone who has downloaded the Torrent files – could be able to bypass Samsung’s hardware cryptography, binary encryption, as well as access control.

The total size of the leaked data comes to about 190GB, which Lapsus$ split into three compressed files, and more than 400 peers have already downloaded and shared the torrent.

Neither Samsung nor Qualcomm was immediately available for comment, and it remains unclear whether the hacking group had any demands for Samsung before it leaked the confidential data.

News of the hack comes just weeks after researchers found “severe” security flaws in a long line of Samsung’s flagship smartphones that, if exploited, would enable attackers to lift cryptographic keys.

It also comes five days after Nvidia confirmed that the Lapsus$ hacking group had successfully breached its systems on 26 February and distributed 1TB of confidential company data, including security credentials belonging to 71,000 past and present Nvidia employees.

The hacking collective managed to obtain the data using a double extortion method of operation that involves compromising a victim and stealing data before encrypting their machine, as well as threatening to leak the stolen data if the ransom isn’t paid. Double extortion cases have been on the rise in the past year, with one in seven cases resulting in critical data being leaked.

Although Lapsus$’ attacks come amid the escalating cyber warfare caused by the Russian invasion of Ukraine, the hacking group has maintained that it’s “not state sponsored” and that its actions aren’t politically motivated.

Future Publishing

Read More:

Back to Top ↑