Samsung Admits to Hackers Stealing Galaxy's Software Code Archives
On Monday, Samsung acknowledged experiencing a cybersecurity incident, revealing that confidential info like Galaxy smartphone source code was exposed.
The responsible party, Lapsus$, is the same hacking collective that infiltrated Nvidia last week and leaked employee data and intellectual property online. In the Samsung case, Lapsus$ allegedly uploaded a 190GB torrent file to its Telegram channel, asserting it contains biometric login algorithms and bootloader code—sequences that might bypass specific OS restrictions.
Samung disclosed the intrusion yet didn't authenticate the attackers or the pilfered content. The corporation underlined that client and employee personal data remained secure.
"A security incident related to certain internal company data took place," Samsung informed Bloomberg. "Our preliminary analysis indicates that the breach involves certain source code pertaining to Galaxy device operations, but not the personal data of our customers or employees."
Following the Nvidia intrusion, Lapsus$ coerced the GPU manufacturer by threatening to disseminate stolen internal data unless GPU drivers were open-sourced and Nvidia 30-series graphics card cryptocurrency mining restraints were removed. The group, supposedly composed of members in South America and Western Europe, apparently breached the credentials of more than 71,000 Nvidia veterans.
Samsung confronts this data leak shortly after rumors emerged of the corporation intentionally slowing down around 10,000 apps, including Instagram and TikTok. Samsung defended its "Game Optimizing Service" as an attempt to harmonize performance and cooling, but many considered it as performance throttling and criticized Samsung for excluding certain benchmarking apps from the list. Samsung indicates a software update forthcoming to give users management over these apps' performance, although prior to Geekbench removing Galaxy S10, S20, S21, and S22 smartphones from its database.
Regarding the data breach, Samsung affirmed taking measures to avoid additional security problems and anticipates no business or client influence.
The cybersecurity incident at Samsung could potentially lead to significant advancements in the future of tech and technology, as Lapsus$ allegedly obtained biometric login algorithms and bootloader code. Despite the incident, Samsung assures that their focus remains on improving the user experience, with a software update planned to give users more control over app performance.
