Mar 6, 2022
37 Views
0 0

Hackers Threaten to Release Nvidia Source Code After Breach

Written by

Nvidia has announced a security incident impacting its IT resources, stating that a threat actor was able to steal employee passwords and some Nvidia proprietary information and began leaking the information online.

The Lapsus$ ransomware group claimed responsibility for the incident and is threatening to release the chip manufacturer’s “most closely-guarded secrets” soon if its demands are not met, according to TechCrunch

The group’s demands are unlike a typical negotiation. Instead of asking for a large sum of money, the group is asking Nvidia to remove its lite hash rate (LHR) feature. The LHR was created to limit Ethereum mining capabilities in its RTX 30 series graphics cards, as the cryptomining community depleted the stock in early 2021. The group is also asking Nvidia to open-source its GPU drivers for macOS, Windows, and Linux devices.

You can see screenshots of the messages below:

Lapsus$ claiming the attack on Nvidia

Lapsus$ gave Nvidia until today, March 4th, to meet the demands.

Prakash Linga, Co-Founder and CEO at BluBracket, shares his thoughts on this security incident:

“Source code represents some of the most coveted crown jewels that a company like NVidia possesses. As attackers have shifted their focus to exploiting weaknesses in code, it is imperative to detect and prevent code risks in Git repositories that contain the source code. This frequently overlooked area that makes up the internal software supply chain is where the shift-left movement delivers the most value,” Linga said.

In addition to the source code, Lapsus$ stole the credentials of more than 71,000 employees, according to the data breach monitoring website HaveIBeenPwned

It also says the stolen data includes “email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community.”

Upon publicly acknowledging the incident last week, Nvidia said it had not found any evidence of ransomware nor that the incident was related to the current Ukraine and Russia conflict.

Follow SecureWorld News for updates on the situation.

source

Article Categories:
Cybersecurity News

Comments are closed.