Samsung confirmed today (March 7) that its internal databases were hacked and the source code for Galaxy smartphones and tablets was stolen, but insisted that no customer data was affected.
“We were recently made aware that there was a security breach related to certain internal company data,” Samsung said in a statement provided to SamMobile and Bloomberg News. “Immediately after discovering the incident, we reinforced our security system.
“Based on our initial analysis, the breach involves certain source code related to the operation of Galaxy devices but does not include personal information of our consumers or employees. We currently do not anticipate any impact to our business or our customers. are taking measures to prevent further such incidents and will continue to serve our customers without interruption.”
Late Friday (March 4), the Lapsus$ hacker gang proclaimed that he stole 190 GB of data from Samsung, including source code for Samsung’s TrustZone and Knox, biometric unlock, bootloader, activation servers, account verification and even Qualcomm proprietary code, according to Bleeping Computer.
Extortion group LAPSUS$ managed to breach NVIDIA and Samsung.-March 1: They demand that NVIDIA open their drivers, otherwise they will-March 4: LAPSUS$ released Samsung’s proprietary source code.See images below -attached for details directly from LAPSUS $pic.twitter.com/U3VD7R2KRlMarch 4, 2022
Lapsus$ uploaded the data for free as a torrent file, so there is nothing more Samsung can do to control its spread. Curiously, the Lapsus$ team doesn’t seem to want any money for the data, and there’s no indication the group has demanded a ransom from Samsung. The same hackers broke into Nvidia’s servers last month in an extortion attempt.
What to do if you have a Samsung phone or tablet
So, is your Samsung Galaxy device in danger? Probably not right away. Having proprietary source code in nature is bad for a company’s bottom line, but it doesn’t mean that devices running the code can be hacked immediately.
After all, anyone can view Linux source code, but that doesn’t create a security risk for the millions of servers that run Linux (or the hundreds of millions of phones that run Linux as part of Android) .
This risk changes if it turns out that there are major security flaws in Samsung’s source code. Now that hundreds of researchers and hackers are poring over Samsung’s code, they might find vulnerabilities that Samsung engineers missed. If criminals find out about flaws in Samsung, they will try to take advantage of it by exploiting it or selling the information to other scammers.
So what can you do? If you have a Samsung phone or tablet, update its software today before the bad guys find a way to corrupt Samsung updates. Change your Samsung account password and enable two-factor authentication on the account if you haven’t already.
Longer term, install and use one of the best Android antivirus apps, which will detect and block known Android malware. And wait to install Samsung software updates after the middle of this week until it’s clear that the updates will be safe.