On Friday of last week news broke that someone had infiltrated Nvidia’s network, though at the time it wasn’t clear what they were after or if it was somehow related to Russia’s invasion of Ukraine. It now appears the Nvidia hackers were after a very obvious target: the code behind Nvidia’s Low Hash Rate (LHR) limiter, which reduces GeForce GPU performance when mining cryptocurrency.
As we reported last week, the nefarious activity “completely compromised” some of Nvidia’s internal systems, causing the company to lose access to its email system for several days. Nvidia also shut down some of its own systems to prevent the spread of malware and to allow it to investigate. New information has come to light that indicates Nvidia had a pretty busy weekend doing battle with the hackers, which are apparently a group named Lapsus$, according to an account by Wccftech. The group reportedly was able to snag a terabyte of data from Nvidia’s servers, which included drivers, firmware, documentation, and developer SDKs. There were reports over the weekend that Nvidia tried to hack the group back by encrypting the files it had managed to steal, but the group was thinking ahead and had made a backup, so Nvidia’s efforts may have been fruitless.
The hackers made several announcements on Telegram, the encrypted messaging and chat service, which were then posted to Twitter. One tweet noted the hackers said they were releasing “part one” of the files they had exfiltrated from Nvidia. Readers interested in poking around in such depositories should be wary. Last week, a hacker posted what he claimed was a workaround for Nvidia’s LHR limiter. Once people began poking around in it, they discovered it was malware.
LAPSUS$ was able to use the stolen files to create a workaround for Nvidia’s LHR limiter, which it is already selling it the black market. The limiter bypass would allow Nvidia RTX 30-series cards to mine crypto currency at full-speed, instead of being limited by Nvidia to discourage miners from buying all its GPUs. The hackers are now demanding Nvidia remove the LHR from all its 30-series GPUs, or else it will release even more data that it has stolen from the company. It could also theoretically release the LHR workaround to the public. Nvidia will obviously never take this course of action.
Even worse, the company claims it gained access to Nvidia employee information, including every employee’s password hash. Bleeping Computer posted the notification on Twitter, but has not verified it as of press time. Password hashes are not the same thing as the actual password, but obviously this is not something Nvidia wants out in the wild.
Now Read:
- Cyberattacks Disrupt Chernobyl’s Automatic Monitoring System
- US-CERT Warns North Korea Has Stepped Up Cyberattacks
- Cyberpunk Developer Hit with Ransomware Attack
from ExtremeTechExtremeTech https://ift.tt/O9vaVL0
ليست هناك تعليقات:
إرسال تعليق