Nvidia Hackers Selling Cryptocurrency Mining Bypass
On Friday of last week news broke that someone had infiltrated Nvidia’s network, though at the time it wasn’t clear what they were after or if it was somehow related to Russia’s invasion of Ukraine. It now appears the Nvidia hackers were after a very obvious target: the code behind Nvidia’s Low Hash Rate (LHR) limiter, which reduces GeForce GPU performance when mining cryptocurrency.
As we reported last week, the nefarious activity “completely compromised” some of Nvidia’s internal systems, causing the company to lose access to its email system for several days. Nvidia also shut down some of its own systems to prevent the spread of malware and to allow it to investigate. New information has come to light that indicates Nvidia had a pretty busy weekend doing battle with the hackers, which are apparently a group named Lapsus$, according to an account by Wccftech. The group reportedly was able to snag a terabyte of data from Nvidia’s servers, which included drivers, firmware, documentation, and developer SDKs. There were reports over the weekend that Nvidia tried to hack the group back by encrypting the files it had managed to steal, but the group was thinking ahead and had made a backup, so Nvidia’s efforts may have been fruitless.
The hackers made several announcements on Telegram, the encrypted messaging and chat service, which were then posted to Twitter. One tweet noted the hackers said they were releasing “part one” of the files they had exfiltrated from Nvidia. Readers interested in poking around in such depositories should be wary. Last week, a hacker posted what he claimed was a workaround for Nvidia’s LHR limiter. Once people began poking around in it, they discovered it was malware.
LAPSUS$ was able to use the stolen files to create a workaround for Nvidia’s LHR limiter, which it is already selling it the black market. The limiter bypass would allow Nvidia RTX 30-series cards to mine crypto currency at full-speed, instead of being limited by Nvidia to discourage miners from buying all its GPUs. The hackers are now demanding Nvidia remove the LHR from all its 30-series GPUs, or else it will release even more data that it has stolen from the company. It could also theoretically release the LHR workaround to the public. Nvidia will obviously never take this course of action.
Even worse, the company claims it gained access to Nvidia employee information, including every employee’s password hash. Bleeping Computer posted the notification on Twitter, but has not verified it as of press time. Password hashes are not the same thing as the actual password, but obviously this is not something Nvidia wants out in the wild.
Continue reading
Review: DJI’s New Mini 2 May Be the Perfect Travel Drone
If you love traveling with your drone but hate lugging around a lot of gear, DJI's Mini 2 may be the perfect solution.
Space Mining Gets 400 Percent Boost From Bacteria, ISS Experiments Show
We'll need lots of raw materials to sustain human endeavors on other planets, and a new project on the International Space Station demonstrates how we can make space mining over 400 percent more efficient.
Earth’s ‘Minimoon’ Is About to Leave Us Forever
According to astronomers, Earth's latest artificial satellite is about to become a former satellite as it prepares to zip off into the inky blackness of space.
Apple: Mac Mini M1 Uses One-Third the Electricity of Intel CPU
Apple has posted the official figures for power consumption on the M1 Mac mini. The new system draws less than a third the power of an equivalent Intel system.