Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Hackers stole top-secret GPU details — then Nvidia hit back

Following a cyberattack that took Nvidia’s systems offline for two days last week, the hacking group behind the initial breach has now revealed it has allegedly gained access to over 1TB of data from the tech giant.

When the attack was originally reported on Friday, there wasn’t too much information provided beyond the fact that Nvidia was “investigating an incident.” However, over the weekend, there were some extremely interesting developments pertaining to the situation, which includes purported retaliation by Nvidia.

Jacob Roach / Digital Trends

Cyber breach details reveal extent of hack

Firstly, ​​hacking group LAPSUS$ stated that the hack it carried out resulted in gaining entry to Nvidia’s servers for about an entire week. As a result of this unprecedented access, it says it was able to extract 1TB of data, including schematics, drivers, firmware, and more.

“We also have documentation, private tools and SDKs, and everything about falcon [microprocessors for NVIDIA GPUs based on a custom architecture], we know what is valuable,” the South American group explained on Telegram.

According to VideoCardz, the group has released the first batch of the leak. The publication’s sources indicate that the “partial data included in the package appears to match the claims.”

One important piece of data originating from the hack the group claims it now has in its possession is an LHR V2 bypass for GA102-GA104 GPUs. As reported by VideoCardz, that means LAPSUS$ located the main algorithm used to implement the cryptocurrency mining hash rate limiter that Nvidia applied to its RTX 30-series of graphics cards in 2021. It says it is currently selling the LHR V2 bypass, but added that the group hopes Nvidia removes it soon.

Most recently, a tool that was claimed to remove the mining limits imposed on various Nvidia GPUs was proven to be malware. But if these hackers’ assertion that they stole the algorithm behind the limiter is actually true, then a program to unlock full mining performance for some of the most popular video cards may very well materialize in the near future.

The Telegram posts detailing the Nvidia cyberattack.
Image source: VideoCardz Image used with permission by copyright holder

As detailed in its Telegram posts revealing the extent of the hack, the group said that in an effort to “help” the mining and gaming communities, it wants Nvidia to “push an update for all 30-series firmware that remove every LHR limitation.” If the company does not meet this specific demand, LAPSUS$ threatens to leak the “hw folder.”

Moreover, should Nvidia fail to contact the hackers, the group “will take actions.” While the exact motive behind the hack may potentially be related to extracting as much monetary value as it can, LAPSUS$ stresses the attack is not politically motivated, nor is it state-sponsored.

Nvidia fights back

In an interesting turn of events over the weekend, Nvidia has seemingly fought back by, well, hacking the hackers. According to a tweet from vx-underground, as reported by Kitguru, Team Green “performed a hack back” and subsequently “ransomed [the group’s] machines.” A statement from the group further elaborated on Nvidia’s actions, apparently confirming that the firm encrypted its hard drives. However, LAPSUS$ asserts it was able to generate a backup containing the breached data.

LAPSUS$ commented on Nvidia’s alleged counterattack in another Telegram post. Access to the GPU and chip manufacturer’s VPN required the PC “to be enrolled in MDM (Mobile Device Management).” Due to this method that was utilized by the hackers to initially infiltrate Nvidia’s systems, the firm was “able to connect to a VM [virtual machine] we use.”

“Yes they successfully encrypted the data. However we have a backup,” it added.

Either way, it’s unheard of for a company of Nvidia’s size to initiate its own counterassault of this nature, regardless of whether it was in the form of a hack or not.

As for Nvidia’s acknowledgement of the purported exploits, it confirmed it is “investigating an incident” on Friday. Beyond that admission, LAPSUS$ said the company “filed [an] abuse report.”

Elsewhere, as reported by Bloomberg, Nvidia said its “business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.” Additionally, a Bloomberg source familiar with the matter said the cyber breach “looks to be relatively minor and not fueled by geopolitical tensions.”

News of the cyberattack failed to negatively impact Nvidia’s stock prices. Instead, shares actually increased by 1.7% to $241.57 when the markets closed on Friday. That said, Bloomberg highlights how stocks for the chipmaker (with the company valued north of $600 billion) have been on a downward trend during 2022 thus far (by 18% to be exact).

The hack comes at a time when Nvidia’s proposed $66 billion acquisition of British chip designer ARM was officially canceled amid intense regulatory pressure from several governmental bodies.

Editors' Recommendations

Zak Islam
Computing Writer
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Here’s why I’m glad Nvidia might kill its most powerful GPU
The RTX 4090 graphics card sitting on a table with a dark green background.

A reliable leaker has just revealed that Nvidia might be abandoning the idea of releasing an RTX 4090 Ti. If the project hadn't been canceled, the RTX 4090 Ti would have ended up becoming the best GPU by a mile -- or at least the most powerful. That spot is currently held by Nvidia's own RTX 4090.

But don't worry -- if the report about the cancellation is true, it's not such a bad thing at all. In fact, it might be for the best for pretty much everyone involved. Here's why.

Read more
Nvidia’s peace offering isn’t working
Two MSI RTX 4060 Ti 16GB GPUs over a black background.

Nvidia's RTX 4060 Ti 16GB is here, but you wouldn't know it if you didn't follow GPU news closely. It seems that the GPU might just be so far behind some of the best graphics cards that Nvidia isn't advertising it too much. As a result, early benchmarks are scarce.

MSI has released some benchmarks of its own, comparing the 8GB and the 16GB versions of the RTX 4060 Ti. It turns out that the new GPU might actually be slower. Is this why Nvidia didn't even make its own version of this card?

Read more
I’ve reviewed every GPU in the last 2 years — these are the only ones you should buy
A hand grabbing a graphics card.

There are a lot of options when you're on the hunt for the best graphics card. In years past, you could look at a product name and get a general sense of where it landed in terms of performance, but times are changing. With bizarre value propositions, extra features that go beyond raw performance, and questionable naming conventions, GPUs are a lot more complex than they used to be.

I've reviewed every graphics card released over the last two years, covering two generations from both AMD and Nvidia, as well as Intel's first push into the discrete graphics market. Here are the only GPUs I'd even consider buying.
What to look for

Read more