Ransomware group Lapsus$ leaks Nvidia’s data

Ransomware group Lapsus$ has leaked the data, such as email addresses and login credentials, of Nvidia’s employees and also threaten to release 1 terabyte more data that it had stolen in a recent cyber attack to the chipmaker if demands are not met, a report said. 

Cybersecurity monitoring group DarkTracer, in a tweet, claimed that Lasus$ is asking Nvidia to remove its cryptocurrency mining limiter ‘LHR’ from its RTX 30-series video cards.  

[ALERT] LAPSUS ransomware gang leaked the credentials of NVIDIA employees. And announced that it would soon release 1TB of stolen data. pic.twitter.com/0WVb7G88So

— DarkTracer : DarkWeb Criminal Intelligence (@darktracer_int) February 26, 2022

Ransomware is a type of malicious software designed to block access to a computer system until some payment is made.  

Even though the American graphics processor manufacturer didn’t reveal the details, HaveIBeenPwned (a website that ascertains if an account has been compromised) stated that Nvidia has suffered a data breach that exposed employee credentials and proprietary code and the impacted data included over 70k employee email addresses and NTLM password hashes.  

“We decided to help mining and gaming community,” as per the message posted by Lapsus$ on Telegram, adding “We want Nvidia to push an update for all 30 series firmware that remove every lhr limitations otherwise we will leak hw folder. If they remove the lhr we will forget about hw folder (it's a big folder). We both know lhr impact mining and gaming.”  

Last year, Nvidia had adopted a new feature called Lite Hash Rate (LHR) due to the paucity of graphics shortage owing to an uptick in cryptocurrency mining. The LHR was designed specifically to control Ethereum mining to ensure more graphics cards are available for its intended purposes like gaming, etc., as per the company's claims.

Nvidia had recently launched a retaliatory attack on the cybercriminals to retrieve its stolen data after being hacked by Lapsus$. The ransomware gang took to its Telegram channel to voice its discontent at being counterattacked. Screenshots from the attack did the rounds on social media site Twitter. 

Incidentally, Lapsus$ has also allegedly stolen 190GB of data from Samsung, which involves encryption and source codes for many of the South Korean giant’s new devices.