Security News > 2022 > March > Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak

Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ransomware group Lapsus$ is claiming another international company among its victims - this time releasing data purportedly stolen from Samsung Electronics.

Lapsus$ had earlier announced on its Telegram channel that it had breached Samsung and offered a taste of what it had as proof, including biometric authentication information and source code from both Samsung and one of its suppliers, Qualcomm.

That's according to Security Affairs, which also published a screen grab of the data leak.

"If Samsung's keys were leaked, it could compromise the TrustZone environment on Samsung devices that stores especially sensitive data, like biometrics, some passwords and other details," said Casey Bisson, head of product and developer relations at BluBracket, via email.

"If Samsung has lost control of the signing keys, it could make it impossible for Samsung to securely update phones to prevent attacks on the TrustZone environment," he said.

The ransomware attacks on Samsung and NVIDIA, and even January's Lapsus$ attack on media outlets in Portugal, SIC Noticias and Expresso, should serve as a grim reminder that the ransomware business is booming, according to experts.

News URL

https://threatpost.com/samsung-lapsus-ransomware-source-code/178791/