Security News > 2022 > March > Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak
Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ransomware group Lapsus$ is claiming another international company among its victims - this time releasing data purportedly stolen from Samsung Electronics.
Lapsus$ had earlier announced on its Telegram channel that it had breached Samsung and offered a taste of what it had as proof, including biometric authentication information and source code from both Samsung and one of its suppliers, Qualcomm.
That's according to Security Affairs, which also published a screen grab of the data leak.
"If Samsung's keys were leaked, it could compromise the TrustZone environment on Samsung devices that stores especially sensitive data, like biometrics, some passwords and other details," said Casey Bisson, head of product and developer relations at BluBracket, via email.
"If Samsung has lost control of the signing keys, it could make it impossible for Samsung to securely update phones to prevent attacks on the TrustZone environment," he said.
The ransomware attacks on Samsung and NVIDIA, and even January's Lapsus$ attack on media outlets in Portugal, SIC Noticias and Expresso, should serve as a grim reminder that the ransomware business is booming, according to experts.
News URL
https://threatpost.com/samsung-lapsus-ransomware-source-code/178791/
Related news
- FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites (source)
- 8Base ransomware group leaders arrested, leak site seized (source)
- Black Basta ransomware gang's internal chat logs leak online (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware thugs threaten Tata Technologies with leak if demands not met (source)