Hacker with a Backup Plan

A ransomware group stole a trove of data from a leading technology company — and backed it up before the firm took action.

A couple of weeks ago, a South American ransomware group called Lapsus$ was reportedly able to swipe over 1 terabyte of data from Nvidia, the company that invented the graphics processing unit that makes all those wonderful colors and images pop on your monitors and screens.

The company also develops system-on-a-chip units for the mobile computing and automotive sectors. 

In addition to taking Nvidia’s systems offline for two days, the hackers were able to extract GPU and chip schematics, software development kits (SDKs), and a bunch of other technical data that a company like Nvidia keeps on its private servers for a reason.

This includes proprietary information on the Falcon architecture, which is a collection of embedded microprocessors within Nvidia’s GPUs that help protect hardware from being, ironically enough, hacked.

According to reports from VideoCardz and Digital Trends, the group released some data within days of the hack going public.

The hackers also claim to be in possession of the main algorithm embedded into Nvidia graphics cards that places limits on cryptocurrency mining hash rates. This is the programming that slows the chips down so their devices don’t use as much energy for intensive tasks like crypto-mining.

The hackers then threatened to sell the data for bypassing this algorithm, and leak everything else obtained in their hack, unless Nvidia paid up or unveiled an update that removes the limiter. 

What happened next is up for debate. In an apparent tip of the black hat, Lapsus$ stated that Nvidia successfully re-hacked their servers and encrypted the stolen data so the hackers couldn’t use it.

However, Lapsus$ also responded with a not-so-subtle taunt touting the fact that they had made backups of all the stolen data before being re-hacked.

While there’s been no update on the GPU or Falcon data, it appears that Lapsus$ is following through on some of its promises. User names and passwords for over 70,000 Nvidia employees have already been leaked, and some of the stolen code is being used to launch malware on the devices of Nvidia customers.

In addition to even more pending issues from the hack — Lapsus$ has vowed to release more data unless their monetary demands are met — the incident served as just the latest kick to Nvidia, which was already down: regulatory concerns prevented its proposed $66 billion acquisition of British chip designer ARM earlier this year.
