NVIDIA is an American company dedicated to manufacturing chips for supercomputers, but in February, it was a new victim of cybercriminals. According to researchers and the perpetrators themselves, they managed to gain access to confidential data that ranges from information on their employees and credentials to source codes of their technologies. More information will be given in this article.
Read: Cisco talks about the vulnerabilities found in its Network Operating System for Switches
NVIDIA gives more information about the attack
The attack occurred last February; rumors had been heard for weeks that the company was conducting some investigations into an alleged cyberattack. But it was not until February 23 that everything came to light, in a set of statements from the company, data from researchers from security firms, and the cybercriminal group itself.
So far, it is known that among the stolen information are passwords of NVIDIA’s employees and data of several of its patented technologies. As they reported in a statement: “We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict,” they said. “However, we are aware that the threat actor took employee passwords and some NVIDIA proprietary information from our systems and has begun leaking it online.”
The group of cybercriminals behind this attack
According to the dark web intelligence firm DarkTracer, the group claiming responsibility for this attack is LAPSUS$, an extortionist gang that is also the perpetrator of this year’s attacks on Impresa, Localiza, Claro, and Embratel. They exposed the attack in their group on Telegram and clarified that they were going to leak classified information unless a “ransom” was paid.
Another thing this group reported was that NVIDIA had hacked back and encrypted the plundered data with ransomware, adding it eventually recovered the files from a backup. So their requests changed, and now they require the company to release a software update that removes the Lite Hash Rate (LHR) technology in its graphics cards, which is designed to reduce the Ethereum mining rate by 50% and prevent cryptocurrency miners from buying the gaming-focused GPUs.
In the message sent through the group in Telegram, it is quoted: “We request that NVIDIA commits to completely open-source (and distribute under a FOSS license) their GPU drivers for Windows, macOS, and Linux, from now on and forever.” But none of this has stopped NVIDIA from continuing its processes as they said in a statement: “We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident.”
Keep in touch with our blog to read the latest news and innovations in the cybersecurity world!
Photo by Christian Wiediger on Unsplash.
Facebook: Eagle Tech Corp
Instagram: @eagletech_corp
Twitter: @eagletechcorp
LinkedIn: Eagle Tech
YouTube: Eagle Tech Corp