Samsung Electronics leak by Lapsus$ Group
BREAKING: I looked inside the archives and you wouldn't believe what I found!
Part 1 contains a dump of source code and related data about
Security/Defense/Knox/Bootloader/TrustedApps and various other items.
Part 2 contains a dump of source code and related data about device security and
encryption related stuffs.
Part 3 contains various repositorys from Samsung Github. Including Mobile defense
engineering, Samsung account backend, Samsung pass backend/frontend, and SES (Bixby,
Smartthings, store, etc)
Part 1 and 2 also contain highly confidential data from Qualcomm and various other
samsung parters
Who
The data was leaked by the Lapsus$ Group, the same group that leaked a 20GB file from NVIDIA few days ago, below is their original announcement.
SAMSUNG LEAK IS HERE!
Now leaking confidential Samsung source code! Our leak from breach includes:
DEVICES/HARDWARE
-Source code for every Trusted Applet (TA) installed on all samsung device's
TrustZone (TEE) with specific code for every type of TEE OS (QSEE, TEEGris etc)
THIS INCLUDES DRM MODULES AND KEYMASTER/GATEKEEPER!
-Algorithms for all biometric unlock operations, including source code that
communicates directly with sensor (down to the lowest level, we're talking
individual RX/TX bitstreams here)
-Bootloader source code for all recent Samsung devices, including Knox data
and code for authentication.
-Various other data, confidential source code from Qualcomm.
ONLINE SERVICES
-Samsung activation servers source code (for first-time setup)
-SAMSUNG ACCOUNTS FULL SOURCE CODE! Including Authentication, Identity, API,
Services, and many more that wouldn't fit here!
-Various other data.
As always, enjoy! ;)
How
According to one of the group members:
samsung had MAC auth and IP auth
and MFA
but we still somehow passed it
Where
Magnet Link:
magnet:?xt=urn:btih:2df266c276cb8581b47afa091cfce1bdad7c2e99&xt=urn:btmh:12201107555fe207323098968f281f4c795f0cb180d4af6f813465546165a9670aba&dn=Samsung&tr=udp%3a%2f%2fpublic.popcorn-tracker.org%3a6969%2fannounce&tr=http%3a%2f%2f104.28.1.30%3a8080%2fannounce&tr=http%3a%2f%2f104.28.16.69%2fannounce&tr=udp%3a%2f%2f107.150.14.110%3a6969%2fannounce&tr=udp%3a%2f%2f109.121.134.121%3a1337%2fannounce&tr=udp%3a%2f%2f114.55.113.60%3a6969%2fannounce&tr=http%3a%2f%2f125.227.35.196%3a6969%2fannounce&tr=udp%3a%2f%2f128.199.70.66%3a5944%2fannounce&tr=http%3a%2f%2f157.7.202.64%3a8080%2fannounce&tr=http%3a%2f%2f158.69.146.212%3a7777%2fannounce&tr=http%3a%2f%2f173.254.204.71%3a1096%2fannounce&tr=http%3a%2f%2f178.175.143.27%2fannounce&tr=udp%3a%2f%2f178.33.73.26%3a2710%2fannounce&tr=udp%3a%2f%2f182.176.139.129%3a6969%2fannounce&tr=udp%3a%2f%2f185.5.97.139%3a8089%2fannounce&tr=udp%3a%2f%2f188.165.253.109%3a1337%2fannounce&tr=udp%3a%2f%2f194.106.216.222%3a80%2fannounce&tr=udp%3a%2f%2f195.123.209.37%3a1337%2fannounce&tr=http%3a%2f%2f210.244.71.25%3a6969%2fannounce&tr=http%3a%2f%2f210.244.71.26%3a6969%2fannounce&tr=http%3a%2f%2f213.159.215.198%3a6970%2fannounce&tr=udp%3a%2f%2f213.163.67.56%3a1337%2fannounce&tr=http%3a%2f%2f37.19.5.139%3a6969%2fannounce&tr=udp%3a%2f%2f37.19.5.155%3a2710%2fannounce&tr=udp%3a%2f%2f46.4.109.148%3a6969%2fannounce&tr=udp%3a%2f%2f5.79.249.77%3a6969%2fannounce&tr=udp%3a%2f%2f5.79.83.193%3a6969%2fannounce&tr=udp%3a%2f%2f51.254.244.161%3a6969%2fannounce&tr=http%3a%2f%2f59.36.96.77%3a6969%2fannounce&tr=udp%3a%2f%2f74.82.52.209%3a6969%2fannounce&tr=http%3a%2f%2f80.246.243.18%3a6969%2fannounce&tr=http%3a%2f%2f81.200.2.231%2fannounce&tr=udp%3a%2f%2f85.17.19.180%3a80%2fannounce&tr=http%3a%2f%2f87.248.186.252%3a8080%2fannounce&tr=http%3a%2f%2f87.253.152.137%2fannounce&tr=http%3a%2f%2f91.216.110.47%2fannounce&tr=http%3a%2f%2f91.217.91.21%3a3218%2fannounce&tr=udp%3a%2f%2f91.218.230.81%3a6969%2fannounce&tr=http%3a%2f%2f93.92.64.5%2fannounce&tr=http%3a%2f%2fatrack.pow7.com%2fannounce&tr=http%3a%2f%2fbt.henbt.com%3a2710%2fannounce&tr=http%3a%2f%2fbt.pusacg.org%3a8080%2fannounce&tr=http%3a%2f%2fbt2.careland.com.cn%3a6969%2fannounce&tr=udp%3a%2f%2fexplodie.org%3a6969%2fannounce&tr=udp%3a%2f%2fmgtracker.org%3a2710%2fannounce&tr=http%3a%2f%2fmgtracker.org%3a6969%2fannounce&tr=http%3a%2f%2fopen.acgtracker.com%3a1096%2fannounce&tr=http%3a%2f%2fopen.lolicon.eu%3a7777%2fannounce&tr=http%3a%2f%2fopen.touki.ru%2fannounce.php&tr=http%3a%2f%2fp4p.arenabg.ch%3a1337%2fannounce&tr=udp%3a%2f%2fp4p.arenabg.com%3a1337%2fannounce&tr=http%3a%2f%2fpow7.com%3a80%2fannounce&tr=http%3a%2f%2fretracker.gorcomnet.ru%2fannounce&tr=http%3a%2f%2fretracker.krs-ix.ru%2fannounce&tr=http%3a%2f%2fretracker.krs-ix.ru%3a80%2fannounce&tr=http%3a%2f%2fsecure.pow7.com%2fannounce&tr=http%3a%2f%2ft1.pow7.com%2fannounce&tr=http%3a%2f%2ft2.pow7.com%2fannounce&tr=http%3a%2f%2fthetracker.org%3a80%2fannounce&tr=udp%3a%2f%2ftorrent.gresille.org%3a80%2fannounce&tr=http%3a%2f%2ftorrentsmd.com%3a8080%2fannounce&tr=udp%3a%2f%2ftracker.aletorrenty.pl%3a2710%2fannounce&tr=http%3a%2f%2ftracker.baravik.org%3a6970%2fannounce&tr=udp%3a%2f%2ftracker.bittor.pw%3a1337%2fannounce&tr=http%3a%2f%2ftracker.bittorrent.am%2fannounce&tr=http%3a%2f%2ftracker.calculate.ru%3a6969%2fannounce&tr=http%3a%2f%2ftracker.dler.org%3a6969%2fannounce&tr=http%3a%2f%2ftracker.dutchtracking.com%2fannounce&tr=http%3a%2f%2ftracker.dutchtracking.com%3a80%2fannounce&tr=http%3a%2f%2ftracker.dutchtracking.nl%2fannounce&tr=http%3a%2f%2ftracker.dutchtracking.nl%3a80%2fannounce&tr=http%3a%2f%2ftracker.edoardocolombo.eu%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.ex.ua%3a80%2fannounce&tr=http%3a%2f%2ftracker.ex.ua%3a80%2fannounce&tr=udp%3a%2f%2ftracker.filetracker.pl%3a8089%2fannounce&tr=udp%3a%2f%2ftracker.flashtorrents.org%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.grepler.com%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.internetwarriors.net%3a1337%2fannounce&tr=udp%3a%2f%2ftracker.kicks-ass.net%3a80%2fannounce&tr=http%3a%2f%2ftracker.kicks-ass.net%3a80%2fannounce&tr=udp%3a%2f%2ftracker.kuroy.me%3a5944%2fannounce&tr=udp%3a%2f%2ftracker.mg64.net%3a2710%2fannounce&tr=udp%3a%2f%2ftracker.opentrackr.org%3a1337%2fannounce&tr=udp%3a%2f%2ftracker.skyts.net%3a6969%2fannounce&tr=http%3a%2f%2ftracker.tfile.me%2fannounce&tr=udp%3a%2f%2ftracker.tiny-vps.com%3a6969%2fannounce&tr=http%3a%2f%2ftracker.tvunderground.org.ru%3a3218%2fannounce&tr=udp%3a%2f%2ftracker.yoshi210.com%3a6969%2fannounce&tr=http%3a%2f%2ftracker1.wasabii.com.tw%3a6969%2fannounce&tr=http%3a%2f%2ftracker2.itzmx.com%3a6961%2fannounce&tr=http%3a%2f%2ftracker2.wasabii.com.tw%3a6969%2fannounce&tr=http%3a%2f%2fwww.wareztorrent.com%2fannounce&tr=http%3a%2f%2fwww.wareztorrent.com%3a80%2fannounce&tr=https%3a%2f%2f104.28.17.69%2fannounce&tr=https%3a%2f%2fwww.wareztorrent.com%2fannounce&tr=http%3a%2f%2f107.150.14.110%3a6969%2fannounce&tr=http%3a%2f%2f109.121.134.121%3a1337%2fannounce&tr=http%3a%2f%2f114.55.113.60%3a6969%2fannounce&tr=http%3a%2f%2f128.199.70.66%3a5944%2fannounce&tr=udp%3a%2f%2f151.80.120.114%3a2710%2fannounce&tr=udp%3a%2f%2f168.235.67.63%3a6969%2fannounce&tr=http%3a%2f%2f178.33.73.26%3a2710%2fannounce&tr=http%3a%2f%2f182.176.139.129%3a6969%2fannounce&tr=http%3a%2f%2f185.5.97.139%3a8089%2fannounce&tr=udp%3a%2f%2f185.86.149.205%3a1337%2fannounce&tr=http%3a%2f%2f188.165.253.109%3a1337%2fannounce&tr=udp%3a%2f%2f191.101.229.236%3a1337%2fannounce&tr=http%3a%2f%2f194.106.216.222%2fannounce&tr=http%3a%2f%2f195.123.209.37%3a1337%2fannounce&tr=udp%3a%2f%2f195.123.209.40%3a80%2fannounce&tr=udp%3a%2f%2f208.67.16.113%3a8000%2fannounce&tr=http%3a%2f%2f213.163.67.56%3a1337%2fannounce&tr=http%3a%2f%2f37.19.5.155%3a6881%2fannounce&tr=http%3a%2f%2f46.4.109.148%3a6969%2fannounce&tr=http%3a%2f%2f5.79.249.77%3a6969%2fannounce&tr=http%3a%2f%2f5.79.83.193%3a2710%2fannounce&tr=http%3a%2f%2f51.254.244.161%3a6969%2fannounce&tr=udp%3a%2f%2f62.138.0.158%3a6969%2fannounce&tr=udp%3a%2f%2f62.212.85.66%3a2710%2fannounce&tr=http%3a%2f%2f74.82.52.209%3a6969%2fannounce&tr=http%3a%2f%2f85.17.19.180%2fannounce&tr=udp%3a%2f%2f89.234.156.205%3a80%2fannounce&tr=udp%3a%2f%2f9.rarbg.com%3a2710%2fannounce&tr=udp%3a%2f%2f9.rarbg.me%3a2780%2fannounce&tr=udp%3a%2f%2f9.rarbg.to%3a2730%2fannounce&tr=http%3a%2f%2f91.218.230.81%3a6969%2fannounce&tr=udp%3a%2f%2f94.23.183.33%3a6969%2fannounce&tr=udp%3a%2f%2fbt.xxx-tracker.com%3a2710%2fannounce&tr=udp%3a%2f%2feddie4.nl%3a6969%2fannounce&tr=http%3a%2f%2fexplodie.org%3a6969%2fannounce&tr=http%3a%2f%2fmgtracker.org%3a2710%2fannounce&tr=udp%3a%2f%2fopen.stealth.si%3a80%2fannounce&tr=http%3a%2f%2fp4p.arenabg.com%3a1337%2fannounce&tr=udp%3a%2f%2fshadowshq.eddie4.nl%3a6969%2fannounce&tr=udp%3a%2f%2fshadowshq.yi.org%3a6969%2fannounce&tr=http%3a%2f%2ftorrent.gresille.org%2fannounce&tr=http%3a%2f%2ftracker.aletorrenty.pl%3a2710%2fannounce&tr=http%3a%2f%2ftracker.bittor.pw%3a1337%2fannounce&tr=udp%3a%2f%2ftracker.coppersurfer.tk%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.eddie4.nl%3a6969%2fannounce&tr=http%3a%2f%2ftracker.ex.ua%2fannounce&tr=http%3a%2f%2ftracker.filetracker.pl%3a8089%2fannounce&tr=http%3a%2f%2ftracker.flashtorrents.org%3a6969%2fannounce&tr=http%3a%2f%2ftracker.grepler.com%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.ilibr.org%3a80%2fannounce&tr=http%3a%2f%2ftracker.internetwarriors.net%3a1337%2fannounce&tr=http%3a%2f%2ftracker.kicks-ass.net%2fannounce&tr=http%3a%2f%2ftracker.kuroy.me%3a5944%2fannounce&tr=udp%3a%2f%2ftracker.leechers-paradise.org%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.mg64.net%3a6969%2fannounce&tr=http%3a%2f%2ftracker.mg64.net%3a6881%2fannounce&tr=http%3a%2f%2ftracker.opentrackr.org%3a1337%2fannounce&tr=udp%3a%2f%2ftracker.piratepublic.com%3a1337%2fannounce&tr=udp%3a%2f%2ftracker.sktorrent.net%3a6969%2fannounce&tr=http%3a%2f%2ftracker.skyts.net%3a6969%2fannounce&tr=http%3a%2f%2ftracker.tiny-vps.com%3a6969%2fannounce&tr=http%3a%2f%2ftracker.yoshi210.com%3a6969%2fannounce&tr=udp%3a%2f%2ftracker2.indowebster.com%3a6969%2fannounce&tr=udp%3a%2f%2ftracker4.piratux.com%3a6969%2fannounce&tr=udp%3a%2f%2fzer0day.ch%3a1337%2fannounce&tr=udp%3a%2f%2fzer0day.to%3a1337%2fannounce
Here is a link to the original torrent file, SHA-256 of the file is 057e5cef76d1b3ad41957f2ae023aa53151b8f8c59ffec12257075320101c98c
(make sure you compare it). The torrent is v2 and won’t open in clients that don’t support v2 torrents (like Transmission).
What
There is one text file (README.txt
) and three .7z
archives (Samsung Electronic - part {1,2,3}.7z
, I am still parsing the archives (it’s about 189GB of data after all) so stay tuned for more info.
If you’re interested in a FULL tree listing of every directory (no files) in the archives, check this out. Tree listing of the archives are below (limited to X levels deep because the full listings are obviously huge).
Samsung Electronic - part 1.7z
Size: 96,200,220,499 bytes
Samsung Electronic - part 2.7z
Size: 32,945,969,177 bytes
Samsung Electronic - part 3.7z
Size: 74,796,769,674 bytes
Looks like full source code for various Samsung Android components, confidential documentation, roadmaps, etc got leaked. Cool-i-o.