Nvidia hit with a Major Cyberattack

OutOfPhase

Supreme [H]ardness
Joined
May 11, 2005
Messages
5,209
Nothing so complicated, the "hackers" had to join the NVidia MDM to gain access to the VPN so, it was a pretty simple thing for NVidia to then start encrypting the machine since the hacker essentially signed it over to NVidias control, they just didn't get out fast enough before they realized what was going on.

In regards to the hack, they just used a number of known folder privilege escalation exploits to work their way through the folders.

The hackers are dropping names, but NVidia's not so convinced they actually got anything its kinda funny.
I seem to be 0/100 for jokes this week.
 

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
Looking at the leaked data, from a disposable device over a series of VPN connections….

I am concerned that this leak may do more harm than good for 3’rd party or open source projects.

NVidia can now use this as a source for future DMCA takedown requests or C&D’s based on the suspicion that they are using leaked code or IP derived from the leaked code.
Reverse engineering a feature is one thing, rebuilding it from leaked documents is another entirely.
 

ElementDave

Limp Gawd
Joined
May 5, 2013
Messages
343
I am concerned that this leak may do more harm than good for 3’rd party or open source projects.

NVidia can now use this as a source for future DMCA takedown requests or C&D’s based on the suspicion that they are using leaked code or IP derived from the leaked code.
Reverse engineering a feature is one thing, rebuilding it from leaked documents is another entirely.
Agreed. This is a legal nightmare for those working on legitimate open source projects. Lawyers ruin the fun.
 

Darunion

Supreme [H]ardness
Joined
Oct 6, 2010
Messages
4,462
Oh no, cyberattack releases method to unlock low hash rate video cards into higher hash rates models. Nvidia sales jump as miners buy cards again. No, please don't buy more of our cards.
Damn and due to the extensive damage from the attack we will need to increase prices on our cards to recover from the financial impact.
 

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
Just knowing what registers to poke with what value(s)/codes/etc will help, then they can write their own code.
Yeah but NVidia would have the legal means to force them to prove they put in all that legwork without ever looking at any of the leaked material. It would be an uphill battle it makes legitimate projects far more difficult now.

So far what I looked at was very incomplete though, so there’s that.
 

ElementDave

Limp Gawd
Joined
May 5, 2013
Messages
343

Venturi

Limp Gawd
Joined
Nov 23, 2004
Messages
251
Actually.... if one can look at it unbiasedly:

I'm not supporting hack attempts, but as demands go, they seem reasonable and logical.
With all the ongoing DCH driver issues in windows and the telemetry of the drivers, open source is a great idea. The linux community would applaud a move that would also be part of the GNU which nvidia has cleverly dodged so far.
on the LHR, well, that is also a reasonable request. Who wants expensive hardware gimped for that agenda.

They didn't demand bitcoin payments from one of the largest companies in the world, they didn't target financial documents, internal payroll, or fiduciary financials, they didn't threaten anything other than open source and lift the LHR? Nvidia, you should be grateful that the scope of this hack remained this reasonable.

Again, just speaking from a more unbiased point of view....
 

sharknice

2[H]4U
Joined
Nov 12, 2012
Messages
2,935
Actually.... if one can look at it unbiasedly:

I'm not supporting hack attempts, but as demands go, they seem reasonable and logical.
With all the ongoing DCH driver issues in windows and the telemetry of the drivers, open source is a great idea. The linux community would applaud a move that would also be part of the GNU which nvidia has cleverly dodged so far.
on the LHR, well, that is also a reasonable request. Who wants expensive hardware gimped for that agenda.

They didn't demand bitcoin payments from one of the largest companies in the world, they didn't target financial documents, internal payroll, or fiduciary financials, they didn't threaten anything other than open source and lift the LHR? Nvidia, you should be grateful that the scope of this hack remained this reasonable.

Again, just speaking from a more unbiased point of view....

They wanted money from nvidia, but nvidia refused to contact them and give them a chance to ask.

Now they're just doing public demands to pretend like they're good guys. They're not.
 

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
Actually.... if one can look at it unbiasedly:

I'm not supporting hack attempts, but as demands go, they seem reasonable and logical.
With all the ongoing DCH driver issues in windows and the telemetry of the drivers, open source is a great idea. The linux community would applaud a move that would also be part of the GNU which nvidia has cleverly dodged so far.
on the LHR, well, that is also a reasonable request. Who wants expensive hardware gimped for that agenda.

They didn't demand bitcoin payments from one of the largest companies in the world, they didn't target financial documents, internal payroll, or fiduciary financials, they didn't threaten anything other than open source and lift the LHR? Nvidia, you should be grateful that the scope of this hack remained this reasonable.

Again, just speaking from a more unbiased point of view....
This hurts open source drivers not helps, this has the opposite effect it’s a set back.

There’s nothing reasonable here, their demands were unknown but you don’t negotiate with extortionists or terrorists.

They are posting this online because NVidia won’t give them the time of day because if they give in once it’s open season on them for any hacker who’s looking for a payday.

I may be out of the loop, but I’m not familiar with any DCH issues or mandatory telemetry required by NVidia so if somebody could fill me in there.

In regards to the LHR product segmentation yeah it’s kind of annoying but the software and hardware world are filled with arbitrary limiters placed on products to define clear markets. I’m f you are going to be using a product to make money there are lots of people who want a bigger cut and they will funnel you there. Bitcoin is just the latest industry to get hit with it.
 

DukenukemX

Supreme [H]ardness
Joined
Jan 30, 2005
Messages
6,236
This hurts open source drivers not helps, this has the opposite effect it’s a set back.
Lets be honest here as this does nothing for or against open source drivers. Nvidia doesn't support open source not because of this but because Nvidia loves to put limiters on their hardware through software.
There’s nothing reasonable here, their demands were unknown but you don’t negotiate with extortionists or terrorists.
Hackers, these are hackers. The worst thing they can do is unlock "100% mining performance powerhouse". I'm quoting the article there. When Nvidia announced they would artificially lock their 3000 series cards from 100% mining performance, I said that someone would hack it and unlock it. Idiots here would say that you can't possibly hack Nvidia drivers and now these hackers are threatening Nvidia because they know it's their business model.
They are posting this online because NVidia won’t give them the time of day because if they give in once it’s open season on them for any hacker who’s looking for a payday.
Or Nvidia could stop this bullshit of limiting their GPU's mining performance and just support open source drivers. Ya know, like AMD and Intel already do forever. I just solved most of Nvidia's problems there.
In regards to the LHR product segmentation yeah it’s kind of annoying but the software and hardware world are filled with arbitrary limiters placed on products to define clear markets.
Yes and that's why these products get hacked and modded to unlock their hidden potential. This is why everyone today laser cuts their hardware because this has been ineffective. Lets not forget how this also hurts the silicon shortage and creates more e-waste with added cost that we really don't need because companies need their product segmentation.
 

LukeTbk

2[H]4U
Joined
Sep 10, 2020
Messages
2,345
The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter

That a strange thing to say ? How does that help the gaming community ? By having more gamers mining and thus making some money and hurting the miners ? That a long shot.

I think there is a lot of ego/street creeds/activism going on:
https://threatpost.com/portuguese-media-giant-impresa-ransomware/177323/
https://www.zdnet.com/article/brazi...ttack-and-covid-19-vaccination-data-vanishes/

I am not sure if they would have asked for money
 

Mchart

Supreme [H]ardness
Joined
Aug 7, 2004
Messages
5,520
The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter

That a strange thing to say ? How does that help the gaming community ? By having more gamers mining and thus making some money and hurting the miners ? That a long shot.

I think there is a lot of ego/street creeds/activism going on:
https://threatpost.com/portuguese-media-giant-impresa-ransomware/177323/
https://www.zdnet.com/article/brazi...ttack-and-covid-19-vaccination-data-vanishes/

I am not sure if they would have asked for money
I don’t see how it could help gamers. The limiter isn’t preventing the compute cores when it comes to ray tracing functions.
 

LukeTbk

2[H]4U
Joined
Sep 10, 2020
Messages
2,345
Hackers, these are hackers. The worst thing they can do is unlock "100% mining performance powerhouse". I'm quoting the article there. When Nvidia announced they would artificially lock their 3000 series cards from 100% mining performance, I said that someone would hack it and unlock it. Idiots here would say that you can't possibly hack Nvidia drivers and now these hackers are threatening Nvidia because they know it's their business model.
If they said that it would be complicated and long and not impossible (sound like a strawmen) (to the point that hacker with the code would ask Nvidia to do it, instead of doing it themselve and has yet to happen ?), they would have had a point.
 

GoodBoy

2[H]4U
Joined
Nov 29, 2004
Messages
2,277
Lets be honest here as this does nothing for or against open source drivers. Nvidia doesn't support open source not because of this but because Nvidia loves to put limiters on their hardware through software.

Hackers, these are hackers. The worst thing they can do is unlock "100% mining performance powerhouse". I'm quoting the article there. When Nvidia announced they would artificially lock their 3000 series cards from 100% mining performance, I said that someone would hack it and unlock it. Idiots here would say that you can't possibly hack Nvidia drivers and now these hackers are threatening Nvidia because they know it's their business model.

Or Nvidia could stop this bullshit of limiting their GPU's mining performance and just support open source drivers. Ya know, like AMD and Intel already do forever. I just solved most of Nvidia's problems there.

Yes and that's why these products get hacked and modded to unlock their hidden potential. This is why everyone today laser cuts their hardware because this has been ineffective. Lets not forget how this also hurts the silicon shortage and creates more e-waste with added cost that we really don't need because companies need their product segmentation.
You are saying it's nVidia's fault that hackers are hacking, because of LHR?

lol

Hackers will hack any company or anyone they think they can make money from.

What's your excuse going to be when AMD gets hacked next?
 

Mchart

Supreme [H]ardness
Joined
Aug 7, 2004
Messages
5,520
Am I the only one who wishes they would have sold these cars with an even greater LHR sooner? If you nerfed a 3080, to let's say, 980 levels, no miner in their right mind would buy them. You'd only buy them for gaming usage. If you actually wanted a card for mining/hashing, you'd be forced to buy an A100 or something.
 

Darunion

Supreme [H]ardness
Joined
Oct 6, 2010
Messages
4,462
I am likely wrong but wasn't the gimped hash rate created as a counter for miners so that the cards could be more easily obtained by gamers? I just remember miners grabbing up cards by the pallet and the gamers couldnt get any, i thought this was to help that (publicly)?
 

pendragon1

Extremely [H]
Joined
Oct 7, 2000
Messages
41,165
I am likely wrong but wasn't the gimped hash rate created as a counter for miners so that the cards could be more easily obtained by gamers? I just remember miners grabbing up cards by the pallet and the gamers couldnt get any, i thought this was to help that (publicly)?
yes but they bought them anyways and the rest were scooped by scalpers....
 

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
I am likely wrong but wasn't the gimped hash rate created as a counter for miners so that the cards could be more easily obtained by gamers? I just remember miners grabbing up cards by the pallet and the gamers couldnt get any, i thought this was to help that (publicly)?
They gimped Etherium and a few other notable coins. So they just use the LHR cards to mine other newer cheaper coins and trade them up for Bitcoin. It didn’t actually do anything to curb demand on the cards from miners it just changed what they were mining.
 

ElementDave

Limp Gawd
Joined
May 5, 2013
Messages
343
Lets be honest here as this does nothing for or against open source drivers. Nvidia doesn't support open source not because of this but because Nvidia loves to put limiters on their hardware through software.
My non-expert wild-ass guess is that it probably won't have much if any effect on Linux driver development either way, but for different reasons. The developers of most major OSS projects are very careful to insulate themselves from the type of legal accusations that could result from leaks of this sort by enforcing strict policies such as "clean-room" design. And antagonizing the Linux community is probably not in nVidia's best interest. They don't exactly have much goodwill there as it is, and they don't need any more negative PR.

This isn't an unprecedented scenario. The Windows XP/2003 source code leaks caused some headaches for developers working on Wine and ReactOS, for example.
https://wiki.winehq.org/Developer_FAQ
https://wiki.winehq.org/Clean_Room_Guidelines
 

DukenukemX

Supreme [H]ardness
Joined
Jan 30, 2005
Messages
6,236
The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter

That a strange thing to say ? How does that help the gaming community ? By having more gamers mining and thus making some money and hurting the miners ? That a long shot.
It does help the community for many reasons. First because gamers do mine. Shocking I know. Second because the bitcoin market eventually does crash and when it does then the cards are sold dirt cheap. That's why the limiter was there to begin with because the last time this happened the GTX 1060 sold for $100 on Ebay. Wanna know why the GTX 1060 is the #1 card on Steam? That's why. Nvidia doesn't want the market flooded with cheap cards so they put the limiter to push miners to buy their miner cards. You know, the cards without display output that can't be used for gaming.
You are saying it's nVidia's fault that hackers are hacking, because of LHR?
Yes because Nvidia painted a bulleye on their back. People want fully unlocked GPU's and they'll hack Nvidia to get it. You don't stop hackers you just deter them.
Hackers will hack any company or anyone they think they can make money from.
What would hackers gain from hacking Nvidia? Their amazing marketing strategy of GPU prices goes up and you can't explain that? Jensen Huang is on Jeffrey Epstein's black book?
EiI_8-8UMAURVF7.jpg

What's your excuse going to be when AMD gets hacked next?
What are the hackers gonna release? Open source drivers and fully unlocked mining?
 
Last edited:

blackmomba

Gawd
Joined
Dec 5, 2018
Messages
664
Actually.... if one can look at it unbiasedly:

I'm not supporting hack attempts, but as demands go, they seem reasonable and logical.
With all the ongoing DCH driver issues in windows and the telemetry of the drivers, open source is a great idea. The linux community would applaud a move that would also be part of the GNU which nvidia has cleverly dodged so far.
on the LHR, well, that is also a reasonable request. Who wants expensive hardware gimped for that agenda.

They didn't demand bitcoin payments from one of the largest companies in the world, they didn't target financial documents, internal payroll, or fiduciary financials, they didn't threaten anything other than open source and lift the LHR? Nvidia, you should be grateful that the scope of this hack remained this reasonable.

Again, just speaking from a more unbiased point of view....
Trade secrets are like the worst of the worst when it comes to leaks
 

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
My non-expert wild-ass guess is that it probably won't have much if any effect on Linux driver development either way, but for different reasons. The developers of most major OSS projects are very careful to insulate themselves from the type of legal accusations that could result from leaks of this sort by enforcing strict policies such as "clean-room" design. And antagonizing the Linux community is probably not in nVidia's best interest. They don't exactly have much goodwill there as it is, and they don't need any more negative PR.

This isn't an unprecedented scenario. The Windows XP/2003 source code leaks caused some headaches for developers working on Wine and ReactOS, for example.
https://wiki.winehq.org/Developer_FAQ
https://wiki.winehq.org/Clean_Room_Guidelines
Depending on the Linux community NVidia changes greatly. For instance, their drivers for my VMWare servers are dope, GPU passthrough to the OS is working excellently and they are incredibly fast to respond to and resolve issues when I present them to support. Here they haven't presented me with the need for anything open source as there is nothing that has required any degree of modification outside the defaults.

In regards to the clean room policies, they are great when followed but anybody who has worked in an office can tell you no matter how clear or easy the policies are there's always some jackass in the back corner who thinks they don't apply to them and that they won't have any problems.
 

DukenukemX

Supreme [H]ardness
Joined
Jan 30, 2005
Messages
6,236
I like how that articles headline is "A National Security Disaster" and yet their demands are, and I quote, "pushing driver updates, open sourcing much of their software, and fully removing any cryptocurrency limiters". Are these hackers or upset customers of Nvidia? Maybe it's Linus Torvalds for pissing off Nvidia years ago. I'm actually on the side of the hackers with demands like that.

678gvn.jpg
 

Krenum

Fully [H]
Joined
Apr 29, 2005
Messages
18,795
I like how that articles headline is "A National Security Disaster" and yet their demands are, and I quote, "pushing driver updates, open sourcing much of their software, and fully removing any cryptocurrency limiters". Are these hackers or upset customers of Nvidia? Maybe it's Linus Torvalds for pissing off Nvidia years ago. I'm actually on the side of the hackers with demands like that.

View attachment 450066
Honestly...I'm not mad either.

I think its time Nvidia gets humbled for making their customers pay absurd prices, (yes they could have done something to prevent scalping)
 

schoolslave

[H]ard|Gawd
Joined
Dec 7, 2010
Messages
1,069
I like how that articles headline is "A National Security Disaster" and yet their demands are, and I quote, "pushing driver updates, open sourcing much of their software, and fully removing any cryptocurrency limiters". Are these hackers or upset customers of Nvidia? Maybe it's Linus Torvalds for pissing off Nvidia years ago. I'm actually on the side of the hackers with demands like that.

...

It can potentially be a National Security disaster if the leaked data includes export-controlled design data (iirc this is usually some gnarly floating-point or cryptography designs).
What I'm really curious about is if Nvidia will face Federal charges in such a scenario.
Having worked at some of the "big" chip manufacturers myself - export regulations for logic designs (not sure about software) are absolutely no joke and carry heavy Federal penalties.
 
Top