Samsung Electronics becomes latest victim of ransomware group

Samsung Electronics

Notorious hacking group Lapsus$, which recently threatened to leak source code belonging to Nvidia, has now leaked a massive collection of data from Samsung Electronics.

According to tech news and support website Bleeping Computer, Lapsu$ has split the 190GB of leaked data into three files and made them available to download in a torrent.

The data leak includes confidential files such as employee communications via WhatsApp, poll results and other information from within the company. At present, it is not known how the hackers obtained the data, or what their motives are. The South Korea-based tech giant is the latest in a long line of companies to be targeted by Lapsus$.

As per a description of the leak published by Lapsus$, the archive contains “confidential Samsung source code,” including:

  1. Biometric algorithms
  2. Source code for every Trusted Applet
  3. Source code for the company’s activation servers
  4. Source code from Qualcomm
  5. The entirety of the source code used to authorise and authenticate Samsung accounts

It is unclear at this point if the ransomware group has asked Samsung for ransom. Samsung is also yet to issue an official statement on the cyberattack.

Related article:
UK asks Japan for Huawei alternatives in 5G networks

Earlier this month, the group stole almost a terabyte of sensitive data from Nvidia’s networks, including the company’s employee credentials and portions of source code. It asked the chipmaker to remove the Lite Hash Rate (LHR) feature from its RTX 30 series graphics cards, which were launched out last year.

Platform Industry: Hackers and cyber security

It is known that the new feature limits the performance of the cards when mining cryptocurrencies. Additionally, the group pushed the company to open source its GPU drivers.


The Lapsus$ gang is a relative newcomer to the crime scene; and was first spotted in late 2020, when they hacked the Ministry of Health in Brazil and stole some 50TB of data. It later targeted telecom operator Claro, which also operates in Brazil.

It is widely believed that the group is based in Brazil.

The team at Platform Executive hope you have enjoyed this article. Automatic translation from English to a growing list of languages via Google AI Cloud Translation. Reporting by Rob Phillips.

You can stay on top of all the latest developments across the platform economy, find solutions to your key challenges and gain access to our problem-solving toolkit and proprietary databases by becoming a member of our growing community. For a limited time, our subscription plans start from just $16 per month.

Related article:
Workers at Israeli surveillance firm NSO sue Facebook for blocking private accounts
Share this Article