Hackers Breached Samsung Security and Stole Galaxy Source Code

Samsung has confirmed that hackers breached its data security and were able to steal Galaxy smartphone source code. The company says the cyberattack did not affect customer or employee information.

Over the weekend, Bleeping Computer reported that South American hacking group Lapsus$ uploaded a description of a large amount of what it claims is confidential Samsung Galaxy smartphone source code.

The 190GB data drop, distributed as a torrent, reportedly includes source code for every Trusted Applet installed in Samsung’s TrustZone environment for sensitive operations, algorithms for biometric unlock operations, bootloader source code for all recent Samsung devices, confidential source code from Qualcomm, activation server source code, and the full source code for the technology used for authorizing and authenticating Samsung accounts, including APIs and services.

On Monday, Samsung confirmed the breach to Bloomberg and said that the cyberattack involved the theft of “some source code relating to the operation of Galaxy devices” but stated that employee and customer information was not affected.

“Currently, we do not anticipate any impact to our business or customers,” Samsung said as part of its statement. “We have implemented measures to prevent further such incidents and will continue to serve our customers without disruption.”

Just one week prior, Lapsus$ said it had obtained about 20GB of data from a hack of Nvidia, which included schematics and source code. The group had asked Nvidia for a ransom paid in cryptocurrency, but when the company did not respond to those demands, the source code for its DLSS technology and information on six unannounced graphics cards was published online, Engadget reports.

In all likelihood, if Lapsus$ has obtained the data that it claims to have, Samsung has already been issued demands similar to the ones sent to Nvidia. If Samsung does not comply with the requests, the hackers very likely plan to publish the code they stole, as they did with Nvidia. The amount of data the hackers stole from Samsung is significantly more than what was taken from Nvidia, and the inclusion of the Trusted Applet and biometric unlock operations is of particular note: it could provide bad actors with a lot of data on how to break Samsung’s smartphone security.

Image credits: Header image by Ted Kritsonis for PetaPixel.