The ransomware group Lapsus$ has leaked a 190GB cache of confidential data which it claims it stole from Samsung Electronics.
On March 04, the hacker group posted a snapshot of C/C++ directives in Samsung software on its website, hinting that it had stolen the data from the manufacturer. Lapsus$ later gave out more details on the data cache, claiming it had “confidential Samsung source code.”
BleepingComputer reported that the stolen data supposedly on the cache include source code for every Trusted Applet (TA) installed in Samsung’s TrustZone platform; algorithms for biometric unlock functions; bootloader source code for the latest Samsung devices; confidential source code from Qualcomm; source code for Samsung’s activation servers; and full source code for the technology involved in authorising and authenticating Samsung accounts.
The ransomware group has made the 190GB worth of data available to download in a torrent, which is being shared by about 400 peers. It is unclear if the group had contacted Samsung for a ransom.
According to BleepingComputer, the Samsung data breach happened not too long after Lapsus$ leaked a 20GB document archive allegedly from GPU designer Nvidia. The hacker group claimed to have stolen a total of 1TB of data from Nvidia, and threatened to publish the rest of the stolen information if the chipmaker refused to pay a ransom.