Hackers threaten Nvidia with leaking sensitive data if they don't commit to open source drivers

several days agoe released the news that a group of hackers had leaked information confidential from Nvidia, information that is still not entirely clear what they contain, but the group confirmed that of the amount of data they managed to steal, 250 GB of data is hardware related.

In addition, the group confirmed that they assessed NVIDIA's position, which means that NVIDIA may try to contact the group to prevent future leaks. The group has already published information about NVIDIA DLSS technology and upcoming architectures.

And it is that the group of hackers who managed to infiltrate NVIDIA systems threaten to divulge more confidential information unless the company commits to releasing its drivers open source.

To understand the matter a little, we must know the background and it is that in February, Nvidia fell victim to this leaked information to the media and it was unclear if it was the attack itself that forced these internal systems to go offline or if Nvidia proactively terminated access to quell the threat.

According to company sources, Nvidia's internal systems were "completely compromised" Unfortunately, there were no additional concrete details on the scope of the cyberattack or whether Nvidia had fallen victim to the ransomware. It was also unclear to the media whether sensitive information stored on Nvidia's servers was accessed during the reported intrusion.

For its part, an Nvidia spokesperson issued a brief statement confirming the report:

“We are investigating an incident. We have no additional information to share at this time."

Later, it was revealed that after this cyberattack, hackers stole over 1TB of data from chipmaker. No doubt to prevent hackers from blackmailing them into trusting this data, Nvidia reportedly retaliated by hacking into the hacker's system and encrypting the stolen data. This is confirmed by a post on the Vx-underground twitter account (which evolves into Threat Intelligence, a discipline based on intelligence techniques, which aims to collect and organize all information related to cyberspace threats, in order to draw a portrait of attackers or to highlight trends).

“The LAPSU$ extortion group, a group operating in South America, claims to have broken into NVIDIA systems and exfiltrated more than 1TB of proprietary data. LAPSU$ claims that NVIDIA was hacked and says that NVIDIA successfully attacked their machines using ransomware.”

But the hackers said they had a backup of the data, so Nvidia's efforts were futile:

“Fortunately, we had a backup. But why did they think they could log into our private machine and install ransomware? »

NVIDIA was reluctant to make its proprietary DLSS technology open source, even though AMD FSR and Intel XeSS did or considered doing so. The company made great strides to allow more developers to participate in the program, but never released the source code for its technology.

“NVIDIA DLSS technology lets you enjoy ray tracing at ultra-high resolutions. DLSS leverages advanced AI-based rendering techniques to produce image quality comparable to or better than native resolution while displaying only a fraction of the pixels in each scene. Innovative temporal feedback techniques are implemented to give you much sharper and more detailed images, with greater frame-to-frame stability.”

Hackers who infiltrated NVIDIA servers released the source code belonging to DLSS, as confirmed by a trade magazine:

“Anonymous sent us this screenshot showing a list of files claiming to be DLSS source code. The list, which seems pretty believable, includes the files, headers, and C++ resources that make up DLSS. There is also a super helpful "Programming Guide" document to help developers understand the code and build it correctly.

The people who submitted this screenshot are looking at the code to see the inner workings of DLSS and if there are any secret tricks. Note that this is version 2.2 of DLSS, so it is a relatively recent version that includes the latest changes from DLSS 2.2. This code leak could be the key to the open source Linux driver community bringing DLSS to the platform or even AMD and Intel learning from its design. Stealing intellectual property is, of course, a big deal and NVIDIA's lawyers will probably be busy distinguishing each new innovation from its competitors, but ultimately it will be difficult to prove in court."

Obviously, no third party should use this code for their own projects, but it could lead to millions of wasted dollars because the code would no longer be a secret.

Be that as it may, through this leak we learned, for example, that the L2 cache of the next generation of graphics cards will be huge, going from a maximum of 6 MB in Ampere to 96 MB in Ada Lovelace, or even the number of SM and the number of CUDA Cores.

This time, the LAPSUS$ hacker group asked NVIDIA to release its drivers for Windows, MacOS, and Linux as open source. If NVIDIA does not respond favorably to this request, the group threatens to release chipset files, graphics, and silicon information for existing and future GPUs.


Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.