Hackers leak internal source code for Samsung Galaxy smartphones
Samsung has confirmed a security breach after hackers obtained and leaked almost 200 gigabytes of confidential data, including source code for various technologies and algorithms for biometric unlock operations.
Hacking group Lapsus$, the same group that breached chip giant Nvidia’s data last month, claims to have obtained source code for trusted applets installed in Samsung’s TrustZone environment, used for performing sensitive operations, algorithms for all biometric unlock operations and bootloader source code for all recent Samsung Galaxy device.
The stolen data allegedly also included confidential data from U.S. chipmaker Qualcomm, which supplies chipsets for Samsung smartphones sold in the United States. The hacking group called on the U.S. chipmaker to disable its controversial Lite Hash Rate (LHR) feature and demanded it open-source its graphics chip drivers for macOS, Windows and Linux devices.
A Samsung spokesperson said, “According to our initial analysis, the breach involves some source codes relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees. Currently, we do not anticipate any impact to our business or customers. We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”
Access to source code can help threat actors find security vulnerabilities that otherwise might not be easily found, potentially opening affected devices or systems to exploitation or data exfiltration. Samsung confirmed the security breach related to certain internal company data but said no personal data belonging to customers or employees was accessed by the hackers.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.