Nvidia hit with a Major Cyberattack

OutOfPhase

OutOfPhase

Supreme [H]ardness
Joined
May 11, 2005
Messages
5,209
Lakados said:
Nothing so complicated, the "hackers" had to join the NVidia MDM to gain access to the VPN so, it was a pretty simple thing for NVidia to then start encrypting the machine since the hacker essentially signed it over to NVidias control, they just didn't get out fast enough before they realized what was going on.

In regards to the hack, they just used a number of known folder privilege escalation exploits to work their way through the folders.

The hackers are dropping names, but NVidia's not so convinced they actually got anything its kinda funny.
Click to expand...
I seem to be 0/100 for jokes this week.
 
L

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
Looking at the leaked data, from a disposable device over a series of VPN connections….

I am concerned that this leak may do more harm than good for 3’rd party or open source projects.

NVidia can now use this as a source for future DMCA takedown requests or C&D’s based on the suspicion that they are using leaked code or IP derived from the leaked code.
Reverse engineering a feature is one thing, rebuilding it from leaked documents is another entirely.
 
E

ElementDave

Limp Gawd
Joined
May 5, 2013
Messages
343
Lakados said:
I am concerned that this leak may do more harm than good for 3’rd party or open source projects.

NVidia can now use this as a source for future DMCA takedown requests or C&D’s based on the suspicion that they are using leaked code or IP derived from the leaked code.
Reverse engineering a feature is one thing, rebuilding it from leaked documents is another entirely.
Click to expand...
Agreed. This is a legal nightmare for those working on legitimate open source projects. Lawyers ruin the fun.
 
Darunion

Darunion

Supreme [H]ardness
Joined
Oct 6, 2010
Messages
4,462
SilverSliver said:
Oh no, cyberattack releases method to unlock low hash rate video cards into higher hash rates models. Nvidia sales jump as miners buy cards again. No, please don't buy more of our cards.
Click to expand...
Damn and due to the extensive damage from the attack we will need to increase prices on our cards to recover from the financial impact.
 
L

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
longblock454 said:
Just knowing what registers to poke with what value(s)/codes/etc will help, then they can write their own code.
Click to expand...
Yeah but NVidia would have the legal means to force them to prove they put in all that legwork without ever looking at any of the leaked material. It would be an uphill battle it makes legitimate projects far more difficult now.

So far what I looked at was very incomplete though, so there’s that.
 
E

ElementDave

Limp Gawd
Joined
May 5, 2013
Messages
343
Venturi

Venturi

Limp Gawd
Joined
Nov 23, 2004
Messages
251
Actually.... if one can look at it unbiasedly:

I'm not supporting hack attempts, but as demands go, they seem reasonable and logical.
With all the ongoing DCH driver issues in windows and the telemetry of the drivers, open source is a great idea. The linux community would applaud a move that would also be part of the GNU which nvidia has cleverly dodged so far.
on the LHR, well, that is also a reasonable request. Who wants expensive hardware gimped for that agenda.

They didn't demand bitcoin payments from one of the largest companies in the world, they didn't target financial documents, internal payroll, or fiduciary financials, they didn't threaten anything other than open source and lift the LHR? Nvidia, you should be grateful that the scope of this hack remained this reasonable.

Again, just speaking from a more unbiased point of view....
 
sharknice

sharknice

2[H]4U
Joined
Nov 12, 2012
Messages
2,935
Venturi said:
Actually.... if one can look at it unbiasedly:

I'm not supporting hack attempts, but as demands go, they seem reasonable and logical.
With all the ongoing DCH driver issues in windows and the telemetry of the drivers, open source is a great idea. The linux community would applaud a move that would also be part of the GNU which nvidia has cleverly dodged so far.
on the LHR, well, that is also a reasonable request. Who wants expensive hardware gimped for that agenda.

They didn't demand bitcoin payments from one of the largest companies in the world, they didn't target financial documents, internal payroll, or fiduciary financials, they didn't threaten anything other than open source and lift the LHR? Nvidia, you should be grateful that the scope of this hack remained this reasonable.

Again, just speaking from a more unbiased point of view....
Click to expand...

They wanted money from nvidia, but nvidia refused to contact them and give them a chance to ask.

Now they're just doing public demands to pretend like they're good guys. They're not.
 
L

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
Venturi said:
Actually.... if one can look at it unbiasedly:

I'm not supporting hack attempts, but as demands go, they seem reasonable and logical.
With all the ongoing DCH driver issues in windows and the telemetry of the drivers, open source is a great idea. The linux community would applaud a move that would also be part of the GNU which nvidia has cleverly dodged so far.
on the LHR, well, that is also a reasonable request. Who wants expensive hardware gimped for that agenda.

They didn't demand bitcoin payments from one of the largest companies in the world, they didn't target financial documents, internal payroll, or fiduciary financials, they didn't threaten anything other than open source and lift the LHR? Nvidia, you should be grateful that the scope of this hack remained this reasonable.

Again, just speaking from a more unbiased point of view....
Click to expand...
This hurts open source drivers not helps, this has the opposite effect it’s a set back.

There’s nothing reasonable here, their demands were unknown but you don’t negotiate with extortionists or terrorists.

They are posting this online because NVidia won’t give them the time of day because if they give in once it’s open season on them for any hacker who’s looking for a payday.

I may be out of the loop, but I’m not familiar with any DCH issues or mandatory telemetry required by NVidia so if somebody could fill me in there.

In regards to the LHR product segmentation yeah it’s kind of annoying but the software and hardware world are filled with arbitrary limiters placed on products to define clear markets. I’m f you are going to be using a product to make money there are lots of people who want a bigger cut and they will funnel you there. Bitcoin is just the latest industry to get hit with it.
 
D

DukenukemX

Supreme [H]ardness
Joined
Jan 30, 2005
Messages
6,236
Lakados said:
This hurts open source drivers not helps, this has the opposite effect it’s a set back.
Click to expand...
Lets be honest here as this does nothing for or against open source drivers. Nvidia doesn't support open source not because of this but because Nvidia loves to put limiters on their hardware through software.
There’s nothing reasonable here, their demands were unknown but you don’t negotiate with extortionists or terrorists.
Click to expand...
Hackers, these are hackers. The worst thing they can do is unlock "100% mining performance powerhouse". I'm quoting the article there. When Nvidia announced they would artificially lock their 3000 series cards from 100% mining performance, I said that someone would hack it and unlock it. Idiots here would say that you can't possibly hack Nvidia drivers and now these hackers are threatening Nvidia because they know it's their business model.
They are posting this online because NVidia won’t give them the time of day because if they give in once it’s open season on them for any hacker who’s looking for a payday.
Click to expand...
Or Nvidia could stop this bullshit of limiting their GPU's mining performance and just support open source drivers. Ya know, like AMD and Intel already do forever. I just solved most of Nvidia's problems there.
In regards to the LHR product segmentation yeah it’s kind of annoying but the software and hardware world are filled with arbitrary limiters placed on products to define clear markets.
Click to expand...
Yes and that's why these products get hacked and modded to unlock their hidden potential. This is why everyone today laser cuts their hardware because this has been ineffective. Lets not forget how this also hurts the silicon shortage and creates more e-waste with added cost that we really don't need because companies need their product segmentation.
 
L

LukeTbk

2[H]4U
Joined
Sep 10, 2020
Messages
2,345
The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter

That a strange thing to say ? How does that help the gaming community ? By having more gamers mining and thus making some money and hurting the miners ? That a long shot.

I think there is a lot of ego/street creeds/activism going on:
https://threatpost.com/portuguese-media-giant-impresa-ransomware/177323/
https://www.zdnet.com/article/brazi...ttack-and-covid-19-vaccination-data-vanishes/

I am not sure if they would have asked for money
 
Mchart

Mchart

Supreme [H]ardness
Joined
Aug 7, 2004
Messages
5,520
LukeTbk said:
The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter

That a strange thing to say ? How does that help the gaming community ? By having more gamers mining and thus making some money and hurting the miners ? That a long shot.

I think there is a lot of ego/street creeds/activism going on:
https://threatpost.com/portuguese-media-giant-impresa-ransomware/177323/
https://www.zdnet.com/article/brazi...ttack-and-covid-19-vaccination-data-vanishes/

I am not sure if they would have asked for money
Click to expand...
I don’t see how it could help gamers. The limiter isn’t preventing the compute cores when it comes to ray tracing functions.
 
L

LukeTbk

2[H]4U
Joined
Sep 10, 2020
Messages
2,345
DukenukemX said:
Hackers, these are hackers. The worst thing they can do is unlock "100% mining performance powerhouse". I'm quoting the article there. When Nvidia announced they would artificially lock their 3000 series cards from 100% mining performance, I said that someone would hack it and unlock it. Idiots here would say that you can't possibly hack Nvidia drivers and now these hackers are threatening Nvidia because they know it's their business model.
Click to expand...
If they said that it would be complicated and long and not impossible (sound like a strawmen) (to the point that hacker with the code would ask Nvidia to do it, instead of doing it themselve and has yet to happen ?), they would have had a point.
 
GoodBoy

GoodBoy

2[H]4U
Joined
Nov 29, 2004
Messages
2,277
DukenukemX said:
Lets be honest here as this does nothing for or against open source drivers. Nvidia doesn't support open source not because of this but because Nvidia loves to put limiters on their hardware through software.

Hackers, these are hackers. The worst thing they can do is unlock "100% mining performance powerhouse". I'm quoting the article there. When Nvidia announced they would artificially lock their 3000 series cards from 100% mining performance, I said that someone would hack it and unlock it. Idiots here would say that you can't possibly hack Nvidia drivers and now these hackers are threatening Nvidia because they know it's their business model.

Or Nvidia could stop this bullshit of limiting their GPU's mining performance and just support open source drivers. Ya know, like AMD and Intel already do forever. I just solved most of Nvidia's problems there.

Yes and that's why these products get hacked and modded to unlock their hidden potential. This is why everyone today laser cuts their hardware because this has been ineffective. Lets not forget how this also hurts the silicon shortage and creates more e-waste with added cost that we really don't need because companies need their product segmentation.
Click to expand...
You are saying it's nVidia's fault that hackers are hacking, because of LHR?

lol

Hackers will hack any company or anyone they think they can make money from.

What's your excuse going to be when AMD gets hacked next?
 
Mchart

Mchart

Supreme [H]ardness
Joined
Aug 7, 2004
Messages
5,520
Am I the only one who wishes they would have sold these cars with an even greater LHR sooner? If you nerfed a 3080, to let's say, 980 levels, no miner in their right mind would buy them. You'd only buy them for gaming usage. If you actually wanted a card for mining/hashing, you'd be forced to buy an A100 or something.
 
Darunion

Darunion

Supreme [H]ardness
Joined
Oct 6, 2010
Messages
4,462
I am likely wrong but wasn't the gimped hash rate created as a counter for miners so that the cards could be more easily obtained by gamers? I just remember miners grabbing up cards by the pallet and the gamers couldnt get any, i thought this was to help that (publicly)?
 
pendragon1

pendragon1

Extremely [H]
Joined
Oct 7, 2000
Messages
41,165
Darunion said:
I am likely wrong but wasn't the gimped hash rate created as a counter for miners so that the cards could be more easily obtained by gamers? I just remember miners grabbing up cards by the pallet and the gamers couldnt get any, i thought this was to help that (publicly)?
Click to expand...
yes but they bought them anyways and the rest were scooped by scalpers....
 
L

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
Darunion said:
I am likely wrong but wasn't the gimped hash rate created as a counter for miners so that the cards could be more easily obtained by gamers? I just remember miners grabbing up cards by the pallet and the gamers couldnt get any, i thought this was to help that (publicly)?
Click to expand...
They gimped Etherium and a few other notable coins. So they just use the LHR cards to mine other newer cheaper coins and trade them up for Bitcoin. It didn’t actually do anything to curb demand on the cards from miners it just changed what they were mining.
 
E

ElementDave

Limp Gawd
Joined
May 5, 2013
Messages
343
DukenukemX said:
Lets be honest here as this does nothing for or against open source drivers. Nvidia doesn't support open source not because of this but because Nvidia loves to put limiters on their hardware through software.
Click to expand...
My non-expert wild-ass guess is that it probably won't have much if any effect on Linux driver development either way, but for different reasons. The developers of most major OSS projects are very careful to insulate themselves from the type of legal accusations that could result from leaks of this sort by enforcing strict policies such as "clean-room" design. And antagonizing the Linux community is probably not in nVidia's best interest. They don't exactly have much goodwill there as it is, and they don't need any more negative PR.

This isn't an unprecedented scenario. The Windows XP/2003 source code leaks caused some headaches for developers working on Wine and ReactOS, for example.
https://wiki.winehq.org/Developer_FAQ
https://wiki.winehq.org/Clean_Room_Guidelines
 
D

DukenukemX

Supreme [H]ardness
Joined
Jan 30, 2005
Messages
6,236
LukeTbk said:
The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter

That a strange thing to say ? How does that help the gaming community ? By having more gamers mining and thus making some money and hurting the miners ? That a long shot.
Click to expand...
It does help the community for many reasons. First because gamers do mine. Shocking I know. Second because the bitcoin market eventually does crash and when it does then the cards are sold dirt cheap. That's why the limiter was there to begin with because the last time this happened the GTX 1060 sold for $100 on Ebay. Wanna know why the GTX 1060 is the #1 card on Steam? That's why. Nvidia doesn't want the market flooded with cheap cards so they put the limiter to push miners to buy their miner cards. You know, the cards without display output that can't be used for gaming.
GoodBoy said:
You are saying it's nVidia's fault that hackers are hacking, because of LHR?
Click to expand...
Yes because Nvidia painted a bulleye on their back. People want fully unlocked GPU's and they'll hack Nvidia to get it. You don't stop hackers you just deter them.
Hackers will hack any company or anyone they think they can make money from.
Click to expand...
What would hackers gain from hacking Nvidia? Their amazing marketing strategy of GPU prices goes up and you can't explain that? Jensen Huang is on Jeffrey Epstein's black book?
EiI_8-8UMAURVF7.jpg

What's your excuse going to be when AMD gets hacked next?
Click to expand...
What are the hackers gonna release? Open source drivers and fully unlocked mining?
 
Last edited:
B

blackmomba

Gawd
Joined
Dec 5, 2018
Messages
664
Venturi said:
Actually.... if one can look at it unbiasedly:

I'm not supporting hack attempts, but as demands go, they seem reasonable and logical.
With all the ongoing DCH driver issues in windows and the telemetry of the drivers, open source is a great idea. The linux community would applaud a move that would also be part of the GNU which nvidia has cleverly dodged so far.
on the LHR, well, that is also a reasonable request. Who wants expensive hardware gimped for that agenda.

They didn't demand bitcoin payments from one of the largest companies in the world, they didn't target financial documents, internal payroll, or fiduciary financials, they didn't threaten anything other than open source and lift the LHR? Nvidia, you should be grateful that the scope of this hack remained this reasonable.

Again, just speaking from a more unbiased point of view....
Click to expand...
Trade secrets are like the worst of the worst when it comes to leaks
 
L

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
5,779
ElementDave said:
My non-expert wild-ass guess is that it probably won't have much if any effect on Linux driver development either way, but for different reasons. The developers of most major OSS projects are very careful to insulate themselves from the type of legal accusations that could result from leaks of this sort by enforcing strict policies such as "clean-room" design. And antagonizing the Linux community is probably not in nVidia's best interest. They don't exactly have much goodwill there as it is, and they don't need any more negative PR.

This isn't an unprecedented scenario. The Windows XP/2003 source code leaks caused some headaches for developers working on Wine and ReactOS, for example.
https://wiki.winehq.org/Developer_FAQ
https://wiki.winehq.org/Clean_Room_Guidelines
Click to expand...
Depending on the Linux community NVidia changes greatly. For instance, their drivers for my VMWare servers are dope, GPU passthrough to the OS is working excellently and they are incredibly fast to respond to and resolve issues when I present them to support. Here they haven't presented me with the need for anything open source as there is nothing that has required any degree of modification outside the defaults.

In regards to the clean room policies, they are great when followed but anybody who has worked in an office can tell you no matter how clear or easy the policies are there's always some jackass in the back corner who thinks they don't apply to them and that they won't have any problems.
 
D

DukenukemX

Supreme [H]ardness
Joined
Jan 30, 2005
Messages
6,236
the901 said:
An article I found interesting:
https://semianalysis.com/nvidia-hacked-a-national-security-disaster/
Click to expand...
I like how that articles headline is "A National Security Disaster" and yet their demands are, and I quote, "pushing driver updates, open sourcing much of their software, and fully removing any cryptocurrency limiters". Are these hackers or upset customers of Nvidia? Maybe it's Linus Torvalds for pissing off Nvidia years ago. I'm actually on the side of the hackers with demands like that.

678gvn.jpg
 
Krenum

Krenum

Fully [H]
Joined
Apr 29, 2005
Messages
18,795
DukenukemX said:
I like how that articles headline is "A National Security Disaster" and yet their demands are, and I quote, "pushing driver updates, open sourcing much of their software, and fully removing any cryptocurrency limiters". Are these hackers or upset customers of Nvidia? Maybe it's Linus Torvalds for pissing off Nvidia years ago. I'm actually on the side of the hackers with demands like that.

View attachment 450066
Click to expand...
Honestly...I'm not mad either.

I think its time Nvidia gets humbled for making their customers pay absurd prices, (yes they could have done something to prevent scalping)
 
S

schoolslave

[H]ard|Gawd
Joined
Dec 7, 2010
Messages
1,069
DukenukemX said:
I like how that articles headline is "A National Security Disaster" and yet their demands are, and I quote, "pushing driver updates, open sourcing much of their software, and fully removing any cryptocurrency limiters". Are these hackers or upset customers of Nvidia? Maybe it's Linus Torvalds for pissing off Nvidia years ago. I'm actually on the side of the hackers with demands like that.

...
Click to expand...

It can potentially be a National Security disaster if the leaked data includes export-controlled design data (iirc this is usually some gnarly floating-point or cryptography designs).
What I'm really curious about is if Nvidia will face Federal charges in such a scenario.
Having worked at some of the "big" chip manufacturers myself - export regulations for logic designs (not sure about software) are absolutely no joke and carry heavy Federal penalties.
 
You must log in or register to reply here.
Top