NEWS: Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak

Threatpost covers the latest code lead, this one hitting Samsung and resulting in Ransomware. BluBracket was asked to weigh in:

“If Samsung’s keys were leaked, it could compromise the TrustZone environment on Samsung devices that stores especially sensitive data, like biometrics, some passwords and other details,” said Casey Bisson, head of product and developer relations at BluBracket, via email. “The TrustZone environment is useful because it creates a strong security barrier to attacks by Android malware.”

He added that if the leaked data allows malware to access the TrustZone environment, it could make all data stored there vulnerable.

“If Samsung has lost control of the signing keys, it could make it impossible for Samsung to securely update phones to prevent attacks on the TrustZone environment,” he said. “Compromised keys would make this a more significant attack than NVIDIA, given the number of devices, their connection to consumers, and amount of very sensitive data that phones have.

Share this post!