Another victim of Lapsus$ was Samsung in recent days. We know that about 190 GB of data stolen with the leakage of Samsung by Lapsus$.
According to the analysts (mentioned as GitGuardian analysts), leaked Samsung source code showed that it contains thousands of private keys, and some of them will be very useful to cyber criminals.
Analysts have identified more than 6,600 private keys, usernames and passwords, AWS, Google and GitHub keys in leaked data. Meanwhile, they also mentioned that about 90% of the keys seems to used in internal systems and so it seems very difficult to use them for attackers.
While Lapsus$ – seems like have members both from South America and Europe – initially was attacking only Portuguese institutions, it seems their sights have expanded and in a short time, their name mentioned with NVidia, Samsung and Ubisoft incidents.
Samsung has confirmed the leak of the company’s internal data, including source code associated with Galaxy smartphones.
“According to our initial analysis, the leak includes source code related to the operations of Galaxy devices, but does not include personal information of our customers and employees” Samsung officials told Bloomberg. Officials also added they has put in place new security measures and not expecting a similar incident in future.
The LAPSUS$ group claimed to have stolen 190 GB of data from Samsung, including the source code for trusted applets, algorithms for biometric authentication, bootloaders, and confidential data from Qualcomm chip supplier.
Firstly, LAPSUS$ shared a piece of data claiming leaked from Samsung and then, Samsung confirmed the data leakage.
Meanwhile, in RAID forum – an underground hacking forum, Admin portal credentials shared by threat actors.
Not too long, LAPSUS$ also stole 1TB of data from NVIDIA.