Hackers who stole 1 TB of data from Nvidia are now trying to sell data, including information on lifting restrictions on video cards for mining Ethereum.
It was reported that South American group LAPSU$ is behind the alleged cyber-extortion attack on NVIDIA. Attackers allegedly attacked the internal servers of NVIDIA and stole more than 1 TB of data. Initially, the company did not confirm this information but only reported that it was investigating the alleged incident.
On Twitter, LAPSU$ tweeted that the company attacked them back in response in an attempt to encrypt the data stolen by them, but the group made a copy of them on its virtual machine, and the measures taken by NVIDIA were ineffective.
But that was not the actual fact. NVIDIA was able to access and encrypt data through its own VPN due to the fact that an NVIDIA virtual machine image was used. In other words, the company did not hack hackers, but gained access to the image of a virtual machine of one of its own systems and encrypted the data stored on it. However, unfortunately for NVIDIA, LAPSUS$ has backed up the virtual machine and data.
On Monday, February 28, Lapsus$ (LAPSU$) sent suggestions to interested buyers via its public chat. According to the report, hackers have at their disposal a customized driver that can easily unlock the Lite Hash Rate (LHR) hash rate limiter in RTX 3000 series video cards, PCmag reported.
LAPSUS$ demanded a ransom from Nvidia in cryptocurrency. Currently, the group offers a 19 GB archive, presumably containing the source code of Nvidia graphics card drivers. In addition, it has enough information that can help tech-savvy users remove hash rate restrictions.
On Sunday, February 27, hackers demanded that the company remove the LHR limiter in all RTX 3000 video cards using a software update. In case of refusal, the group threatened to "leak" a large folder with information regarding Nvidia hardware.