Nvidia confirms cyber hackers have stolen more than 1TB of data from their server. The illegal tapping was done by an extortion group named LAPSU$, which is based in South America.
According to the company, the hacker installed malware and extracted data from its software distribution server and it is still not known the kind of data stolen. The chipmaker is investigating the breach and claimed to have a backup of the compromised data.
In 2020, the Nvidia server faced similar cyber attacks and the data of corporate giants including Intel was compromised. It stated to have taken proactive measures. The recent attack seems the effort to be in vain.
The stolen data is believed to be equipped with sensitive information including software kits and private tools and LAPSU$ is learned to have threatened to release the data if Nvidia fails to uplift all Lite Hash Rate (LHR) limitations for the GPUs of series GeForce RTX 30.
LHR is Nvidia-developed smart technology and helps in limiting the performance of GPU automatically if it is used for cryptomining. It prevents miners from purchasing the powerful GPUs that result with shortages of GPUs for gamers and manufacturers.
According to Nvidia spokesperson, the company learned about the hacking incident on February 23 and thereafter engaged security response experts as well as notified the law enforcement department. As of now, no ransomware evidence has been found on the server and it may even not be related to the Russian invasion of Ukraine.
LAPSU$ has been publishing updates on Telegram and lately revealed the download links of the stolen data, claiming to be from the Nvidia server. One of its posts asked the chipmaker to make their GPU drivers open-source for Linux, macOS and Windows forever.
It warned if the demand is not met, all the files will be revealed along with the future models of flagship graphics cards of the company. It claims to have the source code of the LHR.
The method used by LAPSU$ seems double extortion type. It is similar to ransomware gangs and compromising the victims by stealing data and thereafter threatening to leak it if the ransom is not paid. Industry experts argue the victims should not pay the ransom while the hacker encourages them to do so. Such extortion cases have increased in recent years.
It is yet to understand what step Nvidia would take to minimize such hacking incidences in the future and how to tackle the current crisis.