New hacks by LAPSUS$ to technology companies
We had already talked about the news that a group of hackers called LAPSUS$ had hacked into NVIDIA a few days ago. At the time, the hacker group did not ask for money, but instead demanded that the company release its video drivers.
This group of hackers have been doing their thing for a few days and now it is known that NVIDIA has not been the only one affected. In recent announcements it has been known that companies such as V odafone, Impresa, MercadoLibre and Samsung have also been victims of these cybercriminals.
Who are LAPSUS$?
LAPSUS$ is a group of hackers that has come to the fore in recent weeks due to the fact that they have perpetrated cyberattacks on large companies.
At the moment it is completely unknown who they are or where these hackers come from. However, what is known is that they have in their hands sensitive information about large technology companies and have threatened to leak it.
These hackers have been using viruses such as ransomware to seize the data of different companies. The authorities are already investigating after the complaint filed by NVIDIA.
In addition, it is not ruled out that the rest of the large companies that have been victims of this group also join in the lawsuit.
Who have been their new victims?
Given the recent information that has circulated on the network, there are several companies that would have been victims of this group. Among them we have Samsung, MercadoLibre and Vodafone.
Already cybercriminals have announced that they have valuable information about this company and have threatened to release that information. Next, we will talk about each of the cases.
Samsung
It was recently revealed that the group of hackers had managed to steal about 190 GB of information from Samsung servers. The company itself admitted this theft of information and has announced that the information of employees and customers was not violated.
Among the information stolen by this group was the source code for several technologies, such as algorithms for biometric unlocking. They also stole the source code for the Trusted Applets (TA) that are on each of the devices.
Additionally, also the DRM modules, master keys, bootloader algorithms, knox and even the source code of Qualcomm processors.
Without a doubt, this is a fairly important leak, however, the company ensures that this does not represent any danger to the devices. Although the hackers have ensured that with this source code it is possible to skip the biometric verification and access the device.
Vodafone
Vodaphones is also one of the companies that has fallen victim to this group of hackers. According to the statements of the hackers themselves, they have managed to extract about 200 GB of information from the company's servers.
The company has not yet said anything about it and no more information is known than what the hackers have given. In addition, they have not mentioned what type of information they have obtained.
However, with 200 GB being stored in more than 5,000 repositories, it is to be expected that this is sensitive information. We will have to wait for an official statement from the company to know exactly the scope of this attack.
Free market
LAPSUS$ has also admitted a hack to the MercadoLibre platform, which is the most important markerplace in Latin America. According to the group of hackers, it has in its possession source codes belonging to around 24,000 repositories.
The company through a statement has confirmed the violation of the data in which information of around 300,000 users of the platform has been leaked.
It is important to mention that MercadoLibre has around 140 million registered users. Although 300,000 may seem like a small leak, it is actually a serious problem for users and the company.
So far, this information has not been leaked by the hacker group, however, they have threatened to do so. The company has assured that it is implementing greater security measures and doing an analysis of the stolen data and how it happened.
Printed
This is a Portuguese company that is considered to be one of the most important conglomerates in the country. The group has requested a payment from this company to prevent the information from being revealed.
The amount that these people may be requesting is unknown, nor is the importance of the stolen information. In any case, the company has not issued any statements related to the hack and everything has been handled cautiously.
More hacks at the door
At the moment, this group of hackers is looking for vulnerabilities everywhere, so it is not ruled out that more hacks could happen.
The hackers gave until the weekend before they start spreading the information they already have. It is important to mention that they have not yet leaked what they have stolen from Vodafone, MercadoLibre or Impresa, so it is expected that this will be released in stages.