Share this article on:
Threat actors claim to have access to Samsung and are seeking a quick sale.
Threat actor “mommy” advertised initial access to Samsung Electronics Korea on a popular hacking forum and is seeking US$5,000.
“Root access to firewall server. Locally you can pivot from the firewall to their entire network,” said mommy.
“Price is non negotiable. It is low now, team is working on pivoting to more servers. As we get access to more critical infrastructure the price above will change increase.
“Buyers prepared to buy immediately within 10 hours of contact will be prioritized, and will receive a discount.
“Be prepared to use on site escrow.”
It is unclear whether or not the threat actor’s claims are legitimate.
Cyber Daily has reached out to Samsung for more information.
Last year, the company revealed that a cyber attack on its network resulted in the personal data of its customers being exposed.
The breach was discovered on 13 November 2023, with Samsung concluding that it was the result of an unauthorised user accessing the company’s systems through a vulnerability in a third-party application.
In a notification to its customers, the company said that the attack resulted in “some personal information of certain customers” being exposed.
“Based on our investigation, we have identified that the affected data may have included your name, phone number, address and email address,” the company said.
“We want to assure you that the issue did not impact your password or financial information.”
Samsung added that the affected customers were limited to those who made purchases on the company’s e-commerce site between 1 July 2019 and 30 June 2020.
Samsung also suffered two data breaches in 2022, having been attacked in March 2022 when the Lapsus$ hacking group stole and leaked 190 gigabytes of confidential internal data, including source code for Samsung’s Galaxy smartphones.
Only months later, the company was attacked again in July, resulting in customer names, contacts, birth dates, demographic information and product registration data being stolen.