Samsung leaks confidential source code and private keys by mistake

Web application security course specialists have revealed that a large amount of confidential information was improperly exposed to the public on GitLab. According to the experts, the compromised information includes source code, access credentials and confidential keys for several private projects. One of the affected GitLab deployments was used by Samsung personnel to work on the code of some of the company's projects, such as Samsung SmartThings.

Following the web application security course experts' investigation, dozens of Samsung internal coding projects were discovered on GitLab, exposed by an erroneous security configuration (they were not password protected).

This means that anyone could access them and even download the source code of SmartThings, the smart home platform developed by Samsung, as well as the private certificates used for the SmartThings implementations on iOS and Android.

According to the experts, many of the exposed folders stored logs and analytics data for Samsung's SmartThings and Bixby services, as well as the private GitLab tokens of multiple employees, stored in plain text.

The SmartThings application has been downloaded and installed from Google Play alone more than 100 million times. The company has updated the app regularly, but specialists claim that a Samsung developer token could grant access to 130 Samsung projects on GitLab.

Samsung has since revoked the Amazon Web Services (AWS) credentials, after the web application security course experts finished their investigation. Samsung has not yet closed the case, which means its cyber security incident recovery process may not yet be complete.
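As an added check, not code from the article or from Samsung or GitLab, the following Python flags the two failure modes the article describes: GitLab projects whose visibility is anything other than private (using the visibility field that GitLab's projects API returns) and credential-shaped strings sitting in plain text in committed files. The sample config and API response are constructed, and the token values are placeholders.

```python
import json
import re

# Credential formats that commonly end up committed in plain text.
# AKIA is the documented prefix of AWS access key IDs (16 characters follow);
# glpat- is the prefix GitLab adds to personal access tokens (20 characters follow).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "gitlab_pat": re.compile(r"\bglpat-[0-9A-Za-z_-]{20}\b"),
}


def find_plaintext_secrets(text):
    """Return (kind, line_number, redacted_prefix) for each credential-shaped string.

    Only the first 8 characters are kept so a scan report never re-leaks the secret."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in SECRET_PATTERNS.items():
            for match in pattern.finditer(line):
                hits.append((kind, lineno, match.group(0)[:8] + "..."))
    return hits


def publicly_visible_projects(projects):
    """Flag projects whose GitLab 'visibility' is not 'private'.

    'public' is reachable by anyone; 'internal' by every authenticated user on the instance."""
    return [p["path_with_namespace"] for p in projects if p.get("visibility") != "private"]


# Constructed sample input (placeholder values, not data from the incident).
SAMPLE_CONFIG = """\
aws_access_key_id = AKIAEXAMPLEKEY000001
gitlab_token = glpat-aaaaBBBBccccDDDD1234
log_level = info
"""

# Constructed excerpt shaped like a GitLab /api/v4/projects response.
SAMPLE_PROJECTS = json.loads("""[
  {"path_with_namespace": "example-org/mobile-app", "visibility": "public"},
  {"path_with_namespace": "example-org/firmware", "visibility": "internal"},
  {"path_with_namespace": "example-org/analytics", "visibility": "private"}
]""")


def audit(config_text=SAMPLE_CONFIG, projects=SAMPLE_PROJECTS):
    """Run both checks and return the findings as one report."""
    return {
        "plaintext_secrets": find_plaintext_secrets(config_text),
        "exposed_projects": publicly_visible_projects(projects),
    }


if __name__ == "__main__":
    for name, findings in audit().items():
        print(name, findings)
```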

According to the experts from the International Institute of Cyber Security (IICS), few companies leak confidential material such as source code or private keys by mistake through platforms for software developers. For many experts, a fundamental part of this problem is outsourced services, which can commit multiple security omissions in their routine work.
