The tech giant, known for its high-end GPUs, NVIDIA, has seemingly suffered a cyberattack. The firm partially confirmed the incident as it admitted investigating the matter following media reports highlighting the same.
NVIDIA Potentially Suffered A Cyberattack
Recently, The Telegraph reported a potential cyberattack on NVIDIA systems. It seemed that the firm’s network had suffered a significant impact as the systems remained down for some time.
However, there was nothing concrete amidst the speculations until recently, when the firm commented on this matter.
According to various reports, NVIDIA has confirmed investigating an incident that affected its services. As per the statement of an NVIDIA spokesperson,
We are investigating an incident… We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.
Nonetheless, the statement also assured to have faced no impact on the business services.
Our business and commercial activities continue uninterrupted.
But this mere phrase doesn’t coincide with users’ observations and the reports from the underground world.
According to Bleeping Computer, an insider has confirmed that the incident “completely compromised” the tech giant’s internal systems.
Moreover, a criminal group has claimed on the dark web to have targeted NVIDIA.
Specifically, the LAPSUS$ ransomware group has admitted to attacking the NVIDIA network and stealing data. They seemingly stole 1TB of “confidential” data from the firm’s systems. The attackers even leaked NVIDIA employees’ password hashes to back this claim.
[ALERT] LAPSUS ransomware gang leaked the credentials of NVIDIA employees. And announced that it would soon release 1TB of stolen data. pic.twitter.com/0WVb7G88So
— DarkTracer : DarkWeb Criminal Intelligence (@darktracer_int) February 26, 2022
‘NVIDIA Are Criminals’ – Say The Hackers
Ironically, the attackers called the firm “criminals” after NVIDIA enraged them by attacking the hackers’ machines (as claimed).
Seriously what the hell is going on !!#Lapsus is claiming attacks on #Nvidia then #Nvidia hit back with a #Ransomware
Lapsus claims to have 1TB of data and is leaking all Nvidia employees' passwords and NTLM hashes@Cyberknow20 @SOSIntel @vxunderground @ransomwaremap pic.twitter.com/6hugTWEuhw
— Soufiane Tahiri (@S0ufi4n3) February 26, 2022
Regarding how the tech giant managed to attack the hackers back, LAPSUS$ issued an explanation. They also confirmed that the attack didn’t come from a competitor hacking group or alike.
No canaries or hidden backdoors but MDM… from another screenshot in which we see a folder named 'EFSTMPWP' suggests that maybe the hack back leveraged cypher.exe to encrypt data ? pic.twitter.com/u6jj1rcbOd
— dougy (@R3dHash) February 26, 2022
These actions at least confirm that NVIDIA did suffer a cyberattack. Also, they managed to respond to the attackers by successfully encrypting their system drives. Nonetheless, the hacking group confirmed to have backed up the data. Hence, the possibility of a potential NVIDIA data dump to appear online persists.
NVIDIA is yet to confirm the ransomware attack officially.