By James Browning
The name Lapsus$ made headlines last week when the ransomware group threatened to release proprietary information for Nvidia graphics chips including schematics, source code and information about the unannounced RTX 3090 Ti.
The group’s unusual demand to Nvidia was the removal of the controversial Lite Hash Rate feature from its RTX 30 series of graphics cards. This limits the cards’ cryptocurrency mining ability and was introduced to mitigate supply shortages caused by an increasing demand of graphics cards for mining and predatory resellers looking to capitalise on limited supply.
Both Nvidia and Lapsus$ have stayed silent on the matter since the given deadline of March 4, and the hacking group has turned their attention to another international company.
Unlike the Nvidia ransom attack, Lapsus$ have already released information exfiltrated from Samsung in a 190 gigabyte file containing source code for Samsung’s Galaxy devices.
While Samsung devices run on the Android operating system, which is itself already open-source, this leak gives source code for the proprietary software included with its devices (such as its personal assistant Bixby and its Samsung internet browser) as well as for its bootloader.
This leak will make it easier for people to get rid of Samsung’s bloatware suite or run custom operating systems on Samsung devices.
While the above is mostly of interest to the niche few trying to customize their devices, the released information is also of use to malicious actors. Included was source code related to the processing and authenticating of Samsung accounts and the algorithms involved in their biometric identification systems.
To be clear, while Samsung has confirmed a security breach related to internal data, actual credentials of Samsung accounts have neither been stolen nor released. However, the leak does create a security threat for Samsung.
As is the case for all proprietary software, part of its security comes from the fact that only those designing and maintaining the systems have access to its source code. Before this, only Samsung staff will have had a behind-the-scenes look at their software. Now, everyone with the interest (and expertise) has the opportunity to pour over Samsung’s code to find vulnerabilities.
These leaks should not have any impact on Samsung’s average end consumers, but they are certain to increase the number of headaches for its security systems staff in the coming months.