
Latest news with #Infostealers

Infostealer Strikes Samsung—270,000 Records Stolen

Forbes

31-03-2025


Samsung has been hit by a 270,000 record infostealer attack. There really is no shortage of infostealer malware headlines these days. In fact, you might say that this particular type of attack has become something of a security epidemic. Nor does it look like data leaks are going away either, what with new reports of 200 million X user records being given away in an online breach forum. Now, the two have come together as reports surface of 270,000 Samsung customer tickets being made available online. Here's what we know so far.

Infostealers. I hate them, and you should as well. If you are a business, on the other hand, you should be ensuring that your customers are protected from them. And that includes, it would seem, from historical attacks. I've already written about time-traveling hackers, but this is different.

According to Alon Gal, co-founder and chief technology officer at Hudson Rock, writing at the organization's Infostealers hub, an Infostealer malware attack in 2021 has led to a brand new dump of some 270,000 Samsung customer tickets. Gal warned that Hudson Rock analysts have confirmed that those 270,000 tickets contain full names, email addresses, home addresses, transaction details such as order and model numbers, payment methods, tracking URLs and support interactions, among other data. 'From exact addresses to what TV they bought three years ago,' Gal said, 'it's all there, dumped for anyone to grab—and since it's free, the barrier to entry for exploitation is zero.'

The stolen data appears to be from Samsung Germany, and Gal said it can be traced back to an original Infostealers attack back in 2021. At the time, Raccoon malware harvested login credentials from a third party associated with Samsung's German ticketing system, Gal explained. These credentials sat dormant until a hacker called GHNA got their hands on them.

And now, Gal continued, '270,000 customer tickets have hit the open internet, most of them from 2025, courtesy of a simple login that never got rotated.' The worst part is that it appears Hudson Rock flagged those stolen credentials in a threat intelligence database years ago. 'Samsung could've acted,' Gal said, 'but they didn't, and now the damage is done.' I have reached out to Samsung for a statement.
