Hacktivist outfit Genesis Day has claimed to attack South Korean technology giant Samsung and has allegedly accessed its internal systems.
Genesis Day asserted that the attack was launched following “South Korea’s increased involvement with NATO,” reported CyberKnow. The notorious hacktivist group claimed to have gained access to the company’s intranet.
They also threatened to release sensitive information, including business data files from Samsung’s French operations, internal MFA flow charts, demonstration videos, and login procedures for the company’s internal systems, as well as employee access credentials and personal information.
👀👀🤔🤔
Hacktivist group Genesis Day claims to have hacked and accessed internal systems at #Samsung
They claim its due to #SouthKorea‘s increased involvement with #NATO #cybersecurity #infosecurity #breach #genesisday pic.twitter.com/9ieyKNfxlv
— CyberKnow (@Cyberknow20) January 18, 2023
The cyber attack on Samsung and the claim by Genesis Day has sent shockwaves through the tech industry. It has also put Samsung on high alert and raised concerns about the safety of confidential information within the company, reported The Tech Outlook.
“Because South Korea has recently strengthened its cooperation with NATO and targeted other countries. We hacked into the internal FTP service of the Samsung Group in South Korea,“ the attackers said in their threat post.
The rise of Genesis Day & Pro-Russian hackers
In recent years, there has been an increase in hacking groups and individuals believed to be linked to Russia. These “pro-Russian hackers” have been behind several cyber attacks, including data breaches, website defacements, and denial-of-service attacks.
Some of the most notable pro-Russian hacking groups include APT28 (also known as Fancy Bear), APT29 (also known as Cozy Bear), and the SandWorm Team.
These groups are believed to be involved in several high-profile cyber attacks, including the 2016 US Presidential election and the 2017 WannaCry ransomware attack.
Many experts believe that these groups are backed by the Russian government and are used as a tool for espionage and influence operations.
The rise of pro-Russian hackers is also a cause for concern as it demonstrates increased state-sponsored cyber activities. This can lead to major security breaches and disrupt the global peace, economy, and political and critical infrastructure.
Experts believe that since most of these Russian hacking groups are backed by the Russian government, it allows them to operate on a larger scale and carry out more sophisticated attacks.
Russian hackers are known to use advanced tools and techniques, including zero-day exploits, malware, and sophisticated phishing campaigns. They are also known to use a variety of tactics to evade detection and maintain access to compromised systems.
Samsung cyber attacks
In the beginning of 2022, Samsung was targeted by the Lapsus$ cybergang, who claimed to have obtained 190 Gb of data from the company.
The data stolen by the group included source code for Galaxy devices and more than 6,000 secret keys, such as private keys, login credentials, and keys for services like AWS, GitHub, and Google.
The company is currently facing legal action for the data breach. According to the lawsuit, hackers could access the personal information of a large number of consumers due to the lax cybersecurity measures of the company.