Security News > 2022 > March > Lapsus$ extortionists dump Samsung data online, chaebol confirms security breach

Samsung has acknowledged its data was stolen after the Lapsus$ extortion gang deposited what appears to be 190GB of the company's stolen internal files online.

Jake Moore, Slovakian infosec firm ESET's global cyber security advisor, said: "Data breaches like this often have a price tag attached but these bad actors have just gone straight to releasing the data without a ransom note, leaving the targeted victims scrambling around trying to reduce the impact where possible."

So far there is no information about whether Lapsus$ has demanded a ransom from Samsung, as it did with Nvidia after stealing data from the chipmaker and threatening to leak it online unless anti-cryptominer features in GPU firmware were removed from current and future products.

Lapsus$ does not appear to follow the usual ransomware gang method of privately demanding a payoff to prevent data theft and leakage.

The gang, which appeared to align itself to cryptocurrency miners' interests, instead dumps data online as a means of ramping up pressure on its targets to do their bidding.

Data theft and leakage can have unintended consequences even from the attacker's point of view; last week a code-signing certificate included in Lapsus$'s dump from Nvidia was being used to sign Windows malware, according to infosec industry sources.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/07/samsung_lapsus_data_theft/