The last couple of weeks has been rough for Samsung. First, it was caught throttling app performance on its Galaxy S series smartphone, including the new S22 models. Then Geekbench announced that it would delist four years of benchmark scores posted by Samsung devices. Now, the South Korean smartphone maker has become the target of a massive hack. On March 7, Samsung confirmed to Bloomberg that it had been hacked. However, it claimed that the security breach did not affect any customers. A report from Bleeping Computer mentioned that an “extortion” outfit called Lapsus$ had hacked Samsung. The group initially uploaded screenshots of Samsung software source code stolen from the company’s servers. The code appears to contain critical data such as algorithms for biometric authentication of all kinds and all the source code responsible for authenticating Samsung accounts. The compressed data has a 190GB file size, and Lapsus$ has made it available to torrent. The peer-to-peer network already has 400 peers for the torrent, and Lapsus$ reportedly plans to boost download speeds using additional servers. This isn’t the first attack of this kind that the outfit has carried out. It previously targeted NVIDIA and demanded that the company delimit Ethereum mining hash rates for its GPUs. Just like in Samsung’s case, the hackers first shared internal NVIDIA email addresses and cryptographically hashed passwords before giving the company a March 4 deadline to delimit the GPUs. In Samsung’s case, Lapsus$ hasn’t put forth any demands yet. Nevertheless, the hack affected Samsung’s bottom line, and its stock price slid down 2 percent in trading on March 7.
