Ransomware Group Claims NVIDIA Hacked It in Retaliation for Cyber Attack

The FPS Review may receive a commission if you purchase something after clicking a link in this article.

NVIDIA Logo Data Center Tweet

A ransomware group by the name of Lapsus$ is claiming that NVIDIA has hacked its systems in retaliation for a recent cyber attack on the chipmaker. It was reported on February 25 that NVIDIA’s internal systems had been “completely compromised.” At the time, it was believed that the attack might have been a result of Russian cyber warfare. Now it appears that a known ransomware group, who is believed to be based somewhere in South America, is claiming responsibility for the attack, and it has, in turn, become victims themselves.

Lapsus$ members say they awoke after the attack on NVIDIA to find their systems were being encrypted.

The group has also claimed it had already backed up the files, so the attack is all for naught, despite its own systems having been encrypted. Some of the data had already been released on the internet prior to the attack, but the group has stated that it is not sure how the rest of it will be released.

“We are not sure how we will leak the data yet. We think it will be in 5 different releases, it’s very large, almost 1TB.”

Employee passwords and hashes have surfaced, and there’s some speculation that NVIDIA may have had some sort of countermeasure planted in the stolen data.

The group has gone on to explain the process by which it obtained the stolen data. It turns out those means may have actually been the method that led to its systems being compromised. CNN has reported that mobile device management software was claimed to have been used in both attacks.

Lapsus$ said on Telegram that accessing the VPN of Nvidia employees requires a PC to be enrolled in mobile device management (MDM), according to screenshots posted to Twitter. For this reason, Nvidia was able to connect to a virtual machine that Lapsus$ uses, according to the ransomware operator. – Michael Novinson (CNN)

NVIDIA has not claimed any responsibility for the attack on Lapsus$, nor is it currently known if it intends to pay the group either.

Source: HotHardware

Peter Brosdahl
As a child of the 70’s I was part of the many who became enthralled by the video arcade invasion of the 1980’s. Saving money from various odd jobs I purchased my first computer from a friend of my dad, a used Atari 400, around 1982. Eventually it would end up being a lifelong passion of upgrading and modifying equipment that, of course, led into a career in IT support.

Recent News