Saturday, February 26th 2022

NVIDIA has Allegedly Been Hacked, Internal Systems Compromised

According to several reports in various media, NVIDIA has been hacked and several key systems, such as email and its internal developer tools have been down for the past few days. According to CRN, NVIDIA is investigating "an incident" and the company issued the following statement to the publication. "Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don't have any additional information to share at this time."

In a regulatory filing back in October 2021, NVIDIA seemingly warned its shareholders of a future attack on the company of some kind. NVIDIA claimed that it's hard to protect against attacks, as the attacks are getting more "prevalent and sophisticated". The filing went on to say "Our efforts to prevent and overcome these and similar challenges could increase our expenses and may not be successful. We may experience interruptions, delays, cessation of service and loss of existing or potential customers." Based on media reports, it's currently not known whether any data has been stolen or damaged and it appears that the attacker(s) haven't been identified.
Update: According to vx-underground, it's a South American "extortion group" by the name LAPSUS$ that's behind the hack. Based on screenshots provided by vx-underground, NVIDIA has allegedly hacked LAPSUS$ back and encrypted the data that was stolen. Unfortunately for NVIDIA, it seems like LAPSUS$ had backups of the data. The group claims to be sitting on around 1 TB of data from the hack.

Update 2: Further details about NVIDIA's retaliation on the hackers has popped up and it would appear that NVIDIA managed to access and encrypt the data through its own VPN. This seems to have been possible due to the fact that it was a VM image of an NVIDIA system that was being used. In other words, NVIDIA didn't hack the hackers, but rather accessed a VM image of one of their own systems and encrypted the data on said VM. Unfortunately for NVIDIA, LAPSUS$ claims to have backups of the VM image and data.
Sources: CRN, @vxunderground, @vxunderground
Add your own comment

64 Comments on NVIDIA has Allegedly Been Hacked, Internal Systems Compromised

#1
mechtech
They were probably just trying to find out if there is any hidden stock of video cards anywhere. ;)
Posted on Reply
#2
zlobby
IDK, if only they were putting more effort on developing secure solutions instead of telemetry and ways to scam buyers?
Posted on Reply
#3
mb194dc
Imagine what has been compromised since solar winds...

Don't be surprised if there was further compromised software distributed as a consequence of that.
Posted on Reply
#4
birdie
"NVIDIA has hacked us back".

The amount of BS in this statement is just staggering. Could have been written by a 10 yo.
Posted on Reply
#5
Steevo
birdie"NVIDIA has hacked us back".

The amount of BS in this statement is just staggering. Could have been written by a 10 yo.
Done backtracked em
Posted on Reply
#6
Xex360
mechtechThey were probably just trying to find out if there is any hidden stock of video cards anywhere. ;)
Or maybe trying to get the list of scalpers.
Posted on Reply
#8
qubit
Overclocked quantum bit
I'd have thought NVIDIA would have been more bulletproof than that. At least they've figured out who did and did it back to them, so that's something.

It's unthinkable that NVIDIA don't have a backup of the data that was taken from them.
Posted on Reply
#9
Bomby569
qubitI'd have thought NVIDIA would have been more bulletproof than that. At least they've figured out who did and did it back to them, so that's something.

It's unthinkable that NVIDIA don't have a backup of the data that was taken from them.
i think he can safely say by now there aren't bulletproof systems. give someone the opportunity they will eventually find a way in.
Posted on Reply
#10
qubit
Overclocked quantum bit
Bomby569i think he can safely say by now there aren't bulletproof systems. give someone the opportunity they will eventually find a way in.
That's sadly, true. I'll bet somewhere along the line someone did something wrong and didn't follow instructions or protocols somewhere. It usually boils down to human error somewhere along the line.
Posted on Reply
#11
wheresmycar
Damn it, i was imagining the hackers holding Nvidia hostage and demanding "cut your GPU's selling price by half, if not more" and we'll leave you alone.

Oh well, only in the movies.
Posted on Reply
#12
zlobby
qubitIt's unthinkable that NVIDIA don't have a backup of the data that was taken from them.
Human greed and ego know no limit.
Posted on Reply
#13
FreedomEclipse
~Technological Technocrat~
The hackers were trying to find the manufacturer of Jensen's Lucky Leather Jacket.

Posted on Reply
#14
CallandorWoT
mb194dcImagine what has been compromised since solar winds...

Don't be surprised if there was further compromised software distributed as a consequence of that.
In the United States, it is not required by law for a corporation to disclose if they have been hacked or not. I would bet money there have been loads of hacks.

Personally, I think the world needs to slow down, and go back to mailing paper checks and nothing online, greed needs to take a backseat, Mother Earth can't take it anymore anyway, as the Great Pacific Plastic pouches can attest.

A shame humans refuse to change, and instead plow forth at full speed ahead regardless of the consequences.

Ban crypto/NFT's and move some systems back to a LAN or paper system (but not all, but majority, especially critical infrastructure)

True, the world would move a little slower, but the world worked this way just fine not that long ago.

My thoughts matter not, for humanity has already chosen its fate. Endwalker Planet Archives #7429
Posted on Reply
#15
newtekie1
Semi-Retired Folder
qubitIt's unthinkable that NVIDIA don't have a backup of the data that was taken from them.
They very likely do have backups. But restoring from backups isn't instant. It can take days to restore from a backup, even local backups.

And this time can be extended when you are trying to investigate what exactly happened and why. Sometime restoring from the backup isn't even started right away. Especially in a situation like this, where it seems it isn't immediately affect their day to day business.
wheresmycarDamn it, i was imagining the hackers holding Nvidia hostage and demanding "cut your GPU's selling price by half, if not more" and we'll leave you alone.
If only nVidia could control that. The fact is nVidia could set the MSRP to $1, and the market prices wouldn't fall at all.
Posted on Reply
#16
CrAsHnBuRnXp
I think my favorite part is basically Jensen saying "oh hell no! Hack them back!" like who does that? lol
Posted on Reply
#17
ThrashZone
Hi,
Clearly not using win-11 and defender/ microsoft security :laugh:
Posted on Reply
#18
qubit
Overclocked quantum bit
zlobbyHuman greed and ego know no limit.
Yes, quite.
newtekie1They very likely do have backups. But restoring from backups isn't instant. It can take days to restore from a backup, even local backups.

And this time can be extended when you are trying to investigate what exactly happened and why. Sometime restoring from the backup isn't even started right away. Especially in a situation like this, where it seems it isn't immediately affect their day to day business.
I know this, but thanks for the explanation anyway. :) I was just making that there's no way that they'll have suffered catastrophic data loss from this. It's still pretty disruptive, though.
Posted on Reply
#19
mb194dc
CallandorWoTIn the United States, it is not required by law for a corporation to disclose if they have been hacked or not. I would bet money there have been loads of hacks.

Personally, I think the world needs to slow down, and go back to mailing paper checks and nothing online, greed needs to take a backseat, Mother Earth can't take it anymore anyway, as the Great Pacific Plastic pouches can attest.

A shame humans refuse to change, and instead plow forth at full speed ahead regardless of the consequences.

Ban crypto/NFT's and move some systems back to a LAN or paper system (but not all, but majority, especially critical infrastructure)

True, the world would move a little slower, but the world worked this way just fine not that long ago.

My thoughts matter not, for humanity has already chosen its fate. Endwalker Planet Archives #7429
Guess you missed the point? Or don't get the rest of your post...

The solar winds had months inside the systems of many corporations and governments.

Very possibly they compromised other software that we know nothing about, yet.
Posted on Reply
#20
CallandorWoT
mb194dcGuess you missed the point? Or don't get the rest of your post...

The solar winds had months inside the systems of many corporations and governments.

Very possibly they compromised other software that we know nothing about, yet.
I didn't miss the point at all, and I understand everything you just said, and my response stays the same.
Posted on Reply
#21
robot zombie
mb194dcGuess you missed the point? Or don't get the rest of your post...

The solar winds had months inside the systems of many corporations and governments.

Very possibly they compromised other software that we know nothing about, yet.
To me, he's basically saying stuff like this would happen less (and be easier to contain when it did) if society was less geared for getting everything done as quickly as possible and constantly producing stuff and effort. He sees situations like this as a part of bigger human follies.

Basically, he's implying that situations like these are inherent to how societies operate right now, and that if they are to change, compromise might be necessary. That SolarWinds happened is the very reason for the notion... he's questioning our relying on these systems for speed and convenience. That speed and convenience comes at the price of the occasional massive information security compromise. Not that these things can't happen with physical mediums, or that they are necessarily even superior. However, the speed of transmission is itself (along with the ability to connect remotely) an amplifying factor when it comes to exploiting these information systems. Everything just happens faster, and at greater scale, which makes it harder to control.

Truth be told, I don't know how that factors in from a practical standpoint and I'm not sure how a 'retooling' to 'the old ways' would even look. But as a philosophical criticism of how the world works, it makes perfect sense to me. Personally I think modern info tech is the gazongas. It's really cool, and it has brought a lot of good things in the world. But the person you quoted was getting at a more fundamental obstacle to using and implementing them, the issues there are only ever-evolving workarounds for.

It really goes further, suggesting this same mindset drives our reaction to climate change. It's getting tangential for me by then, but the connection is definitely there. It's easy to look at situations like this as being the cost of moving too fast, along with other things like the building of hungry empires, war, or consumer culture. Something that maybe predates the technology we use currently, but may still continue to show in the ways we concieve, adopt, and utilize new technology.
Posted on Reply
#22
Mistral
Now we'll see if there was anything real to Biden's "we'll take cyber attacks on US companies seriously" or if it was just empty posturing, again. Place your bets!
Posted on Reply
#23
CallandorWoT
robot zombieTo me, he's basically saying stuff like this would happen less (and be easier to contain when it did)
Correct, same reason Lord Gaben removed crypto/nft from Steam purchases, because fraud is too high in those markets. It's about the amount, its not that fraud would not exist without crypto/nft, its the amount percentage of the fraud. Get skill boys!

www.pcgamer.com/50-of-transactions-were-fraudulent-when-steam-accepted-bitcoin-for-payments-says-gabe-newell/

ALL HAIL, OUR LORD AND SAVIOR LORD GABEN!
Posted on Reply
#24
the54thvoid
CallandorWoTCorrect, same reason Lord Gaben removed crypto/nft from Steam purchases, because fraud is too high in those markets. It's about the amount, its not that fraud would not exist without crypto/nft, its the amount percentage of the fraud. Get skill boys!

www.pcgamer.com/50-of-transactions-were-fraudulent-when-steam-accepted-bitcoin-for-payments-says-gabe-newell/

ALL HAIL, OUR LORD AND SAVIOR LORD GABEN!
I will not worship the man who removed our dreams of Half life 3.
Posted on Reply
Add your own comment
Jun 30th, 2022 06:46 EDT change timezone

New Forum Posts

Popular Reviews

Controversial News Posts