Nvidia hit with a Major Cyberattack

Krenum

https://www.techradar.com/news/nvidia-hit-with-potentially-major-cyberattack

"Nvidia appears to have been hit with a potential cyber attack this week, which has reportedly "completely compromised" parts of its business, forcing the tech giant to take some services offline".

Nvidia - "We are investigating an incident," an Nvidia spokesperson told TechRadar. "Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don't have any additional information to share at this time."


Might be a good idea to change your passwords and information.
 

pendragon1

saw that floating around twatter this am, was going to post it but the original "source" is paywalled and were the only place saying it. this one is recycling that claim. still cant find anyone else not referencing that first article from telegraph....
just looked again and still, one site says reuters said it, but reuters says telegraph said it and so on....
im waiting for an nvidia statement or kyle to chime in ;)

pw safety is a good idea though, just in case.
 

Krenum

> saw that floating around twatter this am, was going to post it but the original "source" is paywalled and were the only place saying it. this one is recycling that claim. still cant find anyone else not referencing that first article from telegraph....
> just looked again and still, one site says reuters said it, but reuters says telegraph said it and so on....
> im waiting for an nvidia statement or kyle to chime in ;)
>
> pw safety is a good idea though, just in case.

Was scrolling the news app on my phone and it popped up, figured it was worthy enough to mention.
 

rinaldo00

When a tech company, especially a tech company big in AI and machine learning, gets hacked it has to be embarrassing. That leather jacket is rumpled tonight.
 

pendragon1

The article I saw said it happened the same time Russia started cyber attacks on Ukraine
https://wccftech.com/nvidia-hit-by-...completely-compromised-parts-of-its-business/
see, even wtftech is pointing to it...

wait for nvidia to say something.
 

Red Falcon

Thus begins the corporate wars of the dark cyberpunk future... :borg:
Will be interesting to see how this plays out.
 

D4rkn3ss

a quick glance at this tells me it's probably merican or chinese, for obvious reasons, but they'll blame the russians
 

The Mad Atheist

Russia, is that you? Wonder if it's connected to Ukraine and Putin's threats?

Meh, only thing they'll get is the shared password I use on free porn sites, so let them bask in glorious midget nudes.
 

Silentbob343

> saw that floating around twatter this am, was going to post it but the original "source" is paywalled and were the only place saying it. this one is recycling that claim. still cant find anyone else not referencing that first article from telegraph....
> just looked again and still, one site says reuters said it, but reuters says telegraph said it and so on....
> im waiting for an nvidia statement or kyle to chime in ;)
>
> pw safety is a good idea though, just in case.

Gotta love circular source game in modern reporting.
 

noko

I don't see why companies don't allow hackers into false access to false data that blows up in their face. Basically making hacking not worth it, exposing hackers, locking up their equipment etc. False traps. Making hacking a particular company mostly suicide.

I also fail to see why sensitive information is not behind a wall of encryption with access only by hardware key with additional fingerprint/face etc. besides the usual password for access to the computer. Having a separate email/correspondence/internet network so internal work I would also think would be the norm. Anyways I just don't know enough about this in the end, I just wonder how in the world Nvidia can be hacked at any significant level, source code breach etc.
 

polonyc2

Nvidia Hackers Threaten to Release Mining-Limiter Killer

South America based hacking group Lapsus$ is threatening to disclose software and firmware data for Nvidia's LHR (Lite Hash Rate) mining performance limiter...the group appears to be confident in the quality of the stolen data, as they've already put up an announcement for the sale of data that could enable the bypass of Nvidia's LHR as implemented on the company's GA102 and GA104 chips...

https://www.tomshardware.com/news/nvidia-hackers-threaten-to-release-lhr-performance-limiter
 

Mchart

> I don't see why companies don't allow hackers into false access to false data that blows up in their face. Basically making hacking not worth it, exposing hackers, locking up their equipment etc. False traps. Making hacking a particular company mostly suicide.
>
> I also fail to see why sensitive information is not behind a wall of encryption with access only by hardware key with additional fingerprint/face etc. besides the usual password for access to the computer. Having a separate email/correspondence/internet network so internal work I would also think would be the norm. Anyways I just don't know enough about this in the end, I just wonder how in the world Nvidia can be hacked at any significant level, source code breach etc.

Legal reasons. Although that's not to say governments don't do this on behalf of some companies, but for a company to do this on its own without government cooperation would cause them tons of legal trouble.
 

Lakados

It looks like they were trying to get the code to remove the LHR limiters on the card or demand that NVidia removed the LHR stuff from the cards, but apparently, these guys communicate over Telegram and a lot of the conversation about the hack is up there.
 

Lakados

Meaning the authorities got the conversation from Telegram Corp?
No, Lapsus$ posts regularly to it.
They bragged publicly about hacking NVidia, stated their demands, then went on a huge rant when they woke up to find themselves locked out of all their computers having to recover from their backups.

How Lapsus$ carried out the attack was over NVidia's own VPN by using some employees' credentials that they got via the usual means, NVidia noticed the unusual activity then went to work encrypting the system that was actively downloading it.

 

Armenius

> No, Lapsus$ posts regularly to it.
> They bragged publicly about hacking NVidia, stated their demands, then went on a huge rant when they woke up to find themselves locked out of all their computers having to recover from their backups.
>
> How Lapsus$ carried out the attack was over NVidia's own VPN by using some employees' credentials that they got via the usual means, NVidia noticed the unusual activity then went to work encrypting the system that was actively downloading it.

The criminals who hit NVIDIA's network are now calling NVIDIA criminals for hitting back? That is rich. I bet these guys think they are some kind of Robin Hood outfit.
 

ElementDave

> No, Lapsus$ posts regularly to it.
> They bragged publicly about hacking NVidia, stated their demands, then went on a huge rant when they woke up to find themselves locked out of all their computers having to recover from their backups.
>
> How Lapsus$ carried out the attack was over NVidia's own VPN by using some employees' credentials that they got via the usual means, NVidia noticed the unusual activity then went to work encrypting the system that was actively downloading it.

That's priceless: bragging about hacking into NVIDIA's servers and then throwing a temper tantrum when their own machines are (allegedly?) compromised in retaliation.
 

undertaker2k8

This is amusing to say the least but if it results in LHR being made part of history, not sure I'm all that concerned. Nvidia kinda called it on themselves by creating this BS limiter in the first place.
 

OutOfPhase

> This is amusing to say the least but if it results in LHR being made part of history, not sure I'm all that concerned. Nvidia kinda called it on themselves by creating this BS limiter in the first place.

Or just buy the competition.
 

Lakados

I suspect a buffer overflow attack with punctuation marks was in play.
Nothing so complicated, the "hackers" had to join the NVidia MDM to gain access to the VPN so, it was a pretty simple thing for NVidia to then start encrypting the machine since the hacker essentially signed it over to NVidia's control, they just didn't get out fast enough before they realized what was going on.

In regards to the hack, they just used a number of known folder privilege escalation exploits to work their way through the folders.

The hackers are dropping names, but NVidia's not so convinced they actually got anything, it's kinda funny.
 

Lakados

> That's priceless: bragging about hacking into NVIDIA's servers and then throwing a temper tantrum when their own machines are (allegedly?) compromised in retaliation.

Reading more about what happened I'm not 100% sure NVidia even intentionally "hacked" them back, the hacker(s) had to join NVidia's MDM to gain access to the VPN, the MDM may have just scanned the new addition, saw it was out of spec on the security policies, then simply began updating the system according to the MDM's set security policies for the user account they used to connect it with.
This honestly could have been NVidia's MDM and security policies working as intended for the compromised user's profile, NVidia may not have been aware at all that the profile was compromised until after the data download was mostly done, then simply changing the compromised user's password or disabling their account would have similarly locked them out of anything that the MDM security profile had modified.
 

Lakados

> The criminals who hit NVIDIA's network are now calling NVIDIA criminals for hitting back? That is rich. I bet these guys think they are some kind of Robin Hood outfit.

Maybe, but Robin Hood probably wouldn't go after hospitals and medical clinics like these ones have.
 