Lapsus$, the ransomware group that managed to steal a terabyte of sensitive data from NVIDIA last week, has warned that it will begin releasing some of the company’s “most closely guarded secrets” today unless green team meets its demands.
Will NVIDIA actually give in and do something as wild as removing the hash rate limiter on its GeForce RTX 30 Series LHR models and/or open-sourcing its graphics chip drivers, as the hackers have been boldly requesting? We may not know the answer to that until tomorrow, but Lapsus$ has already demonstrated how serious it is by releasing an appetizer in the form of thousands of leaked credentials belonging to NVIDIA employees.
As detailed on Have I Been Pwned’s (HITB) database of “pwned” websites, 71,335 email addresses and password hashes belonging to NVIDIA employees have leaked, with much of the latter having already been cracked by members of the hacking community, according to a blurb from HITB. NVIDIA hasn’t updated its incident response page since Tuesday.
“We want Nvidia to push an update for all 30 series firmware that remove every LHR limitations otherwise we will leak [the hardware] folder,” said the Lapsus$ group on Telegram. “If they remove the LHR we will forget about [the] folder… We both know LHR impact mining and gaming.”
Pwned websites (Have I Been Pwned)
In February 2022, microchip company NVIDIA suffered a data breach that exposed employee credentials and proprietary code. Impacted data included over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community.
- Breach date: 23 February 2022
- Date added to HIBP: 2 March 2022
- Compromised accounts: 71,335
- Compromised data: Email addresses, Passwords
Thousands of Nvidia employee passwords leak online as hackers’ ransom deadline looms (TechCrunch)
- While Nvidia previously confirmed that employee credentials were taken in the attack, the company declined to confirm whether it has notified those affected or forced password resets for compromised accounts.
- The hackers are now threatening to release Nvidia’s trade secrets, including schematics, source code and information on recent Nvidia graphics chips, including the as-yet-unannounced RTX 3090 Ti, unless Nvidia meets the group’s unusual demands.
- The group called on Nvidia to remove its controversial Lite Hash Rate (LHR) feature, which limits the Ethereum mining capabilities of its RTX 30 series graphics cards.
- Earlier this week, Lapsus$ added another unusual demand: it wants Nvidia to open source its graphics chip drivers for macOS, Windows and Linux devices. The group gave Nvidia until March 4 — that’s today — to comply.