California-based graphics processor manufacturer Nvidia has confirmed that its networks were hacked. The company witnessed a cyberattack last week where hackers have stolen data from the company’s servers, including sensitive information and employee credentials. However, along with details about Nvidia, the hackers seem to have got their hands on information about the South Korean tech conglomerate Samsung.
On March 4, 2022, the Lapsus $ group allegedly leaked a “huge collection of confidential data they claim to be from Samsung Electronics,” as mentioned in a report by bleepingcomputer.com. The hacker group claims that it contains 190GB worth of data from Samsung which it stole while obtaining 1TB worth of data from Nvidia’s servers. Given below are the details of the data that is possessed by Lapsus $, as noted in the report.
A massive Samsung data leak just took place
- Source code for every Trusted Applet installed in Samsung TrustZone environment used for sensitive operations.
- Algorithm for all biometric unlock operations.
- Confidential source code from Qualcomm.
- Source code for Samsung’s activation servers.
- Full source code for technology used for authoring and authenticating Samsung accounts, including APIs and services.
If the information mentioned in the report is indeed true, ie if the hackers possess this data, it could cause substantial damage to Samsung. However, the nature of the sensitivity of the information leaked by the hackers is not known yet. The hacker group has leaked this information through torrent and has said that it would deploy more servers, which will increase the download speed. The data seems to be in three parts – 69.95GB, 30.68GB and 89.59GB. These files contain information about security / defense / Knox / bootloader and other items. Additionally, it contains source code about the encryption of several devices.
Who attacked Nvidia?
As mentioned earlier, a group has taken responsibility for the cyberattack on Nvidia. Called “Lapsus $” the group has mentioned some details about the incident on its Telegram channel, according to which the group has stolen 1TB (1,000 GB) of information from Nvidia’s servers, which also includes highly sensitive data. Additionally, the group’s Telegram channel also mentions that it has stolen source code for the hash rate limiter used by Nvidia.