Lapsus$ published a description of the upcoming leak, saying it contains “confidential Samsung source code” originating from a breach. The attacker said it has:
-- Source code for every Trusted Applet (TA) installed in Samsung’s TrustZone environment used for sensitive operations (e.g. hardware cryptography, binary encryption, access control)
-- Algorithms for all biometric unlock operations
-- Bootloader source code for all recent Samsung devices
-- Confidential source code from Qualcomm
-- Source code for Samsung’s activation servers
-- Full source code for technology used for authorizing and authenticating Samsung accounts, including APIs and services