Countless Nvidia Employee Passwords Leak Online As Hackers’ Ransom Due-Date Looms

The ransomware group that declares to have taken a terabyte of information from chipmaking giant Nvidia is threatening to release the business’ “most closely-guarded secrets” today unless it meets the gang’s increasingly bizarre demands.

The Lapsus$ ransomware group, which initially claimed duty for the data breach last week, has already begun releasing information. According to information breach tracking site Have I Been Pwned (HIBP), the hackers took the credentials of more than 71,000 Nvidia workers. Several known Nvidia e-mail addresses all appeared jeopardized, according to checks. The information consists of e-mail addresses and Windows password hashes, according to HIBP, “many of which were subsequently cracked and circulated within the hacking community.”

While Nvidia previously confirmed that employee information was taken in the attack, the business refused to verify whether it has alerted those impacted or forced password resets for jeopardized accounts. Regardless of the increasing fallout from the occurrence — and the hacking group’s looming due date — Nvidia’s occurrence reaction page hasn’t been updated after Tuesday.

The hackers are now threatening to release Nvidia’s trade secrets, including schematics, source code and details on current Nvidia graphics chips, consisting of the as-yet-unannounced RTX 3090 Ti, unless Nvidia meets the group’s uncommon needs. The group contacted Nvidia to remove its questionable Lite Hash Rate (LHR) feature, which limits the Ethereum mining abilities of its RTX 30 series graphics cards. This feature was introduced in early-2021 in reaction to having its stock diminished by the crypto-mining community, making it impossible for players to get their hands on the new graphics cards.

“We want Nvidia to push an update for all 30 series firmware that remove every LHR limitations otherwise we will leak [the hardware] folder,” said the Lapsus$ group on Telegram. “If they remove the LHR we will forget about [the] folder… We both know LHR impact mining and gaming.” Earlier, Lapsus$ included another unusual demand: it wants Nvidia to open source its graphics chip drivers for macOS, Windows, and Linux devices. The group provided Nvidia ’til March 4th — that’s today — to comply.

When asked whether it plans to satisfy the hackers’ demands, Nvidia didn’t want to comment. Rather, the business pointed to the exact same statement it released previously this week.

According to information breach monitoring website Have I Been Pwned (HIBP), the hackers took the credentials of more than 71,000 Nvidia workers. Several confirmed Nvidia e-mail addresses all appeared compromised, according to checks. The hackers are now threatening to release Nvidia’s trade secrets, consisting of schematics, source code and information on current Nvidia graphics chips, consisting of the as-yet-unannounced RTX 3090 Ti, unless Nvidia satisfies the group’s uncommon needs. The group called on Nvidia to eliminate its controversial Lite Hash Rate (LHR) feature, which restricts the Ethereum mining abilities of its RTX 30 series graphics cards.

Author

  • I tried to fix the world, but God wouldn't give me his source code.

    Formerly, CEO and lead developer of a technology company, focusing on the merchant services space. Formerly, of WHMCompleteSolution (WHMCS).

    An avid gamer.

1 comment

Leave a comment

lexical-absolute
lexical-absolute
lexical-absolute
lexical-absolute
%d bloggers like this: