Samsung Electronics has allegedly been hacked by a foreign hacking group, believed to be South American, who claim that they have the authentication code behind Samsung’s Knox security system and the biometric log in codes which could give them access to millions of Samsung smartphones tablets and PC’s including tens of thousands sold Australia.
Samsung who developed Knox claims it secures private data from the second you turn on a Samsung device. Samsung has also announced that they have stopped shipping products to Russia.
The South Korean business has major research and development operations in Russia and recently announced that they are suspending “shipment” of smartphones, tablets and PC’s to Russia, shortly afterwards the hackers struck.
ChannelNews understands that hackers were able to break through Samsung security systems and were able to access confidential source code and other classified data.
The attack on Saturday was conducted by a data extortion entity called Lapsus$ who previously targeted Nvidia.
Lapsus$ teased the release of the Samsung data with a snapshot of C/C++ directives in Samsung software.
The teased image revealed confidential Samsung source code that was obtained by the cyberattackers.
They included:source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
algorithms for all biometric unlock operations
bootloader source code for all recent Samsung devices
confidential source code from Qualcomm
source code for Samsung’s activation servers
full source code for technology used for authorising and authenticating Samsung accounts, including APIs and services
The leaked data’s size revealed three compressed files that amount to nearly 190GB.
The data was then made available in a torrent.
Lapsus$ says that it would be deploying additional servers to help peers get the most out of their download speeds.
A brief description of the content available was then provided:
“Part 1 contains a dump of source code and related data about Security/Defense/Knox/Bootloader/TrustedApps and various other items
Part 2 contains a dump of source code and related data about device security and encryption
Part 3 contains various repositories from Samsung Github: mobile defense engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby, Smartthings, store)”
They also have the biometric unlock algorithms to millions of smartphones as well as the bootloader code for all recent Samsung devices, Trusted Applet source code, code behind online services and Samsung accounts, and much more.
If the claims are correct, Samsung has a major problem on their hands as millions of Samsung devices could be exposed.
Notices published by the group are making it difficult to pinpoint the most crucial data leak. Samsung has at this stage failed to issue a work around or fix for the problem due to their engineers still trying to work out what has been taken and the risk to the owners of Samsung devices.
One in every five smartphones sold worldwide is a Samsung Galaxy device.
Also, on Saturday Samsung suspended product shipments to Russia due to current geopolitical developments.
Both Apple and Microsoft had already made the decision to suspend shipments.
The South Korean tech giant is actively monitoring the complex situation, the company said in an emailed statement to Bloomberg.
Exports to Russia of all Samsung products ranging from chips to smartphones and consumer electronics have been suspended, according to a person familiar with the matter.
“Our thoughts are with everyone who has been impacted and our priority is to ensure the safety of all our employees and their families,” Samsung said in the statement. The company is donating $6 million, including $1 million in consumer electronics products, to humanitarian efforts in the region.
ChannelNews understands that it took a hit in a Ukrainian nuclear power plant for Samsung to take action.
Microsoft has condemned Russia’s “unjustified, unprovoked and unlawful invasion” of Ukraine and said it’s suspending all new sales of products and services in Russia where Samsung has a major artificial intelligence development program running at a Samsung development lab.
Ahead of the Samsung announcement, Mykhailo Fedorov, who serves as Ukraine’s vice prime minister and oversees digital operations, sent a letter to Samsung vice chairman Han Jong-hee to urge the Korean tech giant to temporarily cease supplying services and products to Russia.
“We believe that such actions will motivate the youth and active population of Russia to proactively stop the disgraceful military aggression,” Fedorov said in the letter which was posted on Friday on his twitter account. “We need your support — in 2022, modern technology is perhaps the best answer to the tanks, multiple rocket launchers and missiles targeting residential neighbourhoods, kindergartens, and hospitals. Stay with Ukraine and save millions of innocent lives!”