Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Threat actors list Samsung Electronics access for sale online

Threat actors claim to have access to Samsung and are seeking a quick sale.

user icon Daniel Croft
Fri, 01 Nov 2024
Threat actors list Samsung Electronics access for sale online
expand image

Threat actor “mommy” advertised initial access to Samsung Electronics Korea on a popular hacking forum and is seeking US$5,000.

“Root access to firewall server. Locally you can pivot from the firewall to their entire network,” said mommy.

“Price is non negotiable. It is low now, team is working on pivoting to more servers. As we get access to more critical infrastructure the price above will change increase.

============
============

“Buyers prepared to buy immediately within 10 hours of contact will be prioritized, and will receive a discount.

“Be prepared to use on site escrow.”

It is unclear whether or not the threat actor’s claims are legitimate.

Cyber Daily has reached out to Samsung for more information.

Last year, the company revealed that a cyber attack on its network resulted in the personal data of its customers being exposed.

The breach was discovered on 13 November 2023, with Samsung concluding that it was the result of an unauthorised user accessing the company’s systems through a vulnerability in a third-party application.

In a notification to its customers, the company said that the attack resulted in “some personal information of certain customers” being exposed.

“Based on our investigation, we have identified that the affected data may have included your name, phone number, address and email address,” the company said.

“We want to assure you that the issue did not impact your password or financial information.”

Samsung added that the affected customers were limited to those who made purchases on the company’s e-commerce site between 1 July 2019 and 30 June 2020.

Samsung also suffered two data breaches in 2022, having been attacked in March 2022 when the Lapsus$ hacking group stole and leaked 190 gigabytes of confidential internal data, including source code for Samsung’s Galaxy smartphones.

Only months later, the company was attacked again in July, resulting in customer names, contacts, birth dates, demographic information and product registration data being stolen.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.