Samsung’s Data Breach
Bleeping Computer first reported the hack and mentioned that the South American hacking group had gained access to nearly 190GB of confidential data including biometric data, source code for Samsung’s activation servers, and “full source code for technology used for authorizing and authenticating Samsung accounts.”
The South Korean electronics company has acknowledged that it has been hit but remains tight-lipped on the details. The company is reportedly “assessing the situation” and has not confirmed whether it has received a ransom demand.
The hackers taunted Samsung by posting a snapshot of C/C++ directives in Samsung software, before publishing a description of the upcoming leak which allegedly contains “confidential Samsung source code.”
Lapsus$ reportedly launched their attack on March 5. They have split the data into three archives and made them available for download on a popular torrent. The torrent appears to have gained a large audience, as more than 400 peers are sharing the files, while the extortionists plan to add more servers to boost speed.
The first part of the archives contains source code, the second part contains source code about device security and encryption amongst other things, and the third part contains critical repositories from Samsung GitHub. The Samsung GitHub data includes mobile defense engineering, Samsung account backend, Samsung Pass backend/frontend, and SES, which includes Bixby, SmartThings, and store.
The data breach, especially if misused by third parties, could cause huge damage to the tech giant.
Nvidia’s Brush with Lapsus$
Last month, California-based tech company Nvidia reportedly suffered a cyberattack at the hands of Lapsus$. The hackers compromised nearly 1TB of the chipmaker's data and have allegedly demanded a huge ransom from the company.
According to the website Have I Been Pwned?, which allows people to check whether their emails have been compromised, the email IDs of over 71,000 current and former employees have been published by Lapsus$.
In a statement, the hackers outlined their demands, “We request that Nvidia commits to completely open source their graphics processing unit drivers for Windows, MacOS, and Linux from now on and forever.” If the company decides to ignore their request, the extortionists have threatened to “release the entire silicon chip files so that everyone not only knows your driver’s secrets, but also your most closely guarded trade secrets for graphics and computer chipsets, too!”
Lapsus$ wants Nvidia to remove the controls that the company has placed in its Nvidia 30-series GPUs for cryptocurrency mining. The Verge, meanwhile, reported that the cybercriminals are also looking for a buyer for the stolen data instead of releasing it to the public. For now, the hackers have already released a part of Nvidia’s proprietary technology.
The ransom demand remains unresolved, as Nvidia has so far neither accepted nor refused it. In an interesting turn of events, Lapsus$ mentioned that Nvidia hacked them back but that they still have a copy of the confidential information.
The Rise of Cybercrime
Cybercrime has been rising steadily, especially since the onset of Covid-19. In January, hackers took down over a dozen sites of the Ukrainian government. The International Committee of the Red Cross (ICRC) also recently admitted that an attack compromised the personal data and confidential information of more than 515,000 highly vulnerable people from around the world.
Data sold on the dark web is often exploited by cybercriminals to trap unsuspecting individuals in fraudulent schemes and trick them into parting with more data.
According to experts, ransomware cost the world $20 billion in 2021, and this number is expected to rise to $265 billion by 2031. Also, as per Cybersecurity Ventures, crimes related to cryptocurrencies will grow exponentially and exceed $30 billion in 2025.