Monday, February 28th 2022

Hackers Threaten to Release NVIDIA GPU Drivers Code, Firmware, and Hash Rate Limiter Bypass

A few days ago, we found out that NVIDIA corporation has been hacked and that attackers managed to steal around 1 TB of sensitive data from the company. This includes various kinds of files like GPU driver and GPU firmware source codes and something a bit more interesting. The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter. As the group notes, the full LHR V2 workaround for anything between GA102-GA104 is on sale and is ready for further spreading.

Additionally, the hacking group is making blackmailing claims that the company should remove the LHR from its software or share details of the "hw folder," presumably a hardware folder with various confidential schematics and hardware information. NVIDIA did not respond to these claims and had no official statement regarding the situation other than acknowledging that they are investigating an incident.

Update 01:01 UTC: The hackers have released part of their files to the public. It's a 18.8 GB RAR file, which uncompresses to over 400,000 (!) files occupying 75 GB, it's mostly source code.
Source: VideoCardz
Add your own comment

51 Comments on Hackers Threaten to Release NVIDIA GPU Drivers Code, Firmware, and Hash Rate Limiter Bypass

#1
lexluthermiester
Sounds like those hackers are a bunch of spoiled little twats.
Posted on Reply
#2
Sybaris_Caesar
Whaddyaknow the hackers weren't russki after all.
Posted on Reply
#3
Tsukiyomi91
not gonna make a difference when the RTX30 Series are 2 years old and gonna be replaced by the RTX40 Series.
Posted on Reply
#4
cellar door
If they had a proper hashrate limiter bypass - it would make more sense to sell it to miner farms before even trying to blackmail nvidia.

Who ever made up this story, didn't think it through properly...
Posted on Reply
#5
Chomiq
"We want to help mining and gaming community by removing LHR limiter" - sure you want.
Posted on Reply
#6
mechtech
“The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter.”

hmmmm I’m not sure how that will help gaming community but what do I know.
Posted on Reply
#7
Pumper
How the fuck removing LHR limits will "help" gaming. Damn ****, hack Putin instead.
Posted on Reply
#8
zlobby
Yeeeeees!
lexluthermiesterSounds like those hackers are a bunch of spoiled little twats.
Not taking any sides here, but if anyone has this power they can choose to do whatever they want with it.

Universe doesn't distinguish between good and evil, morale, pride, and so on. One simple truth - causality.
Posted on Reply
#9
Fluffmeister
You have to laugh, hackers threaten to help Nvidia sell even more graphics cards!!!1
Posted on Reply
#10
Legacy-ZA
PumperHow the fuck removing LHR limits will "help" gaming. Damn ****, hack Putin instead.
Well, I will tell you. As the crypto prices have fallen, removing the LHR lock will improve the value of gamers' LHR locked cards.

On to a scenario then; When the next bull market arrives and rockets cryptos to new heights, gamers will be able to sell their cards at the prices they bought these cards, hopefully by that time, they will also have saved up another few $100's and buy a new RTX5000 or whatever might be available at that time.

I hate this whole situation; In the meantime, I am happily playing my games. My baby will never see the inside of a mine while it's in my possession. :love:
Posted on Reply
#11
Steevo
They should post it, who cares about driver code at this point? It can almost be completely reverse engineered, same for a lot of BIOS data.

The only bad part is the compute unlock and whatever optimizations they have spent time on might be of interest to competitors, of which there is really Intel that could use a lesson in drivers, but I’m sure even Intel has some test machines running that can spit out raw code. I bet AMD does too.
Posted on Reply
#12
DeathtoGnomes
Yea either release the data or dont, just stop the whiney ass threats.
Posted on Reply
#13
HwGeek
Plot Twist, it happened because some noob inside tried to test the LHR bios hack that was posted week ago ;-)
Posted on Reply
#14
windwhirl
NGL, I didn't think we had hackers of that level in this region of the world. Either that or Nvidia got *very* careless
Posted on Reply
#15
lexluthermiester
zlobbyUniverse doesn't distinguish between good and evil, morale, pride, and so on.
Spoken like a tyrant. That statement is as much nonsense as it is bereft of conscience..
Posted on Reply
#16
Vya Domus
Interesting that just as I've noticed GPU prices have started to fall coincidently now there is a team of hackers claiming they're going to release code that will help people remove the hash rate limiters. I am sure that's just a crazy coincidence.
Posted on Reply
#17
ncrs
Vya DomusInteresting that just as I've noticed GPU prices have started to fall coincidently now there is a team of hackers claiming they're going to release code that will help people remove the hash rate limiters. I am sure that's just a crazy coincidence.
The leak is real, it's floating around even public trackers now. It contains full current and future driver sources, firmware, CUDA, libraries, tools. Basically most of NV software. The main driver branch is very interesting because it contains code and information about Ada, Hopper and AFAIK unannounced Blackwell architectures.
Posted on Reply
#18
R-T-B
cellar doorit would make more sense to sell it to miner farms before even trying to blackmail nvidia.
Did you read the article? They are.
SteevoThey should post it, who cares about driver code at this point? It can almost be completely reverse engineered, same for a lot of BIOS data.
Bios sig keys can't though. They would be a great boon to the likes of nouveau on linux.
Posted on Reply
#19
ncrs
R-T-BBios sig keys can't though. They would be a great boon to the likes of nouveau on linux.
Unfortunately they won't use it, neither will they look at the leaked code. It would contaminate them and prevent from working on the nouveau code. The leak contains release and debug versions of every firmware, but again it can't ever be distributed without NV's consent, so it won't legally help Linux.
Posted on Reply
#20
R-T-B
ncrsThe leak is real, it's floating around even public trackers now. It contains full current and future driver sources, firmware, CUDA, libraries, tools. Basically most of NV software. The main driver branch is very interesting because it contains code and information about Ada, Hopper and AFAIK unannounced Blackwell architectures.
Any sig keys for the bioses?
Posted on Reply
#21
lexluthermiester
R-T-BThey would be a great boon to the likes of nouveau on linux.
This is true. NVidia and AMD need to be more open with the driver code anyway.
Posted on Reply
#22
R-T-B
ncrsUnfortunately they won't use it, neither will they look at the leaked code. It would contaminate them and prevent from working on the nouveau code.
They don't have to. They simply have to instruct the user on how to do so, to unlock flashing a modded vbios for linux reclock purposes.

The groundwork is all there.
Posted on Reply
#23
ncrs
R-T-BAny sig keys for the bioses?
I doubt it's there, but I haven't looked too closely. I found the signing application (with banal hardcoded AES IV, which might be a security issue).
This particular leak is about software, there are no GPU schematics in it, for example.
I hope that NV has proper security practices for signing, and isn't just keeping the keys in the main repository. Having them outed would mean a lot of problems for everybody.
R-T-BThey don't have to. They simply have to instruct the user on how to do so, to unlock flashing a modded vbios for linux reclock purposes.

The groundwork is all there.
True, but NV had issues with nouveau providing scripts and methods of extracting the firmware files from the binary drivers in the past.
Unfortunately we are at NV's mercy because ultimately they own the hardware by having the firmware be signed.
Posted on Reply
#24
R-T-B
ncrsI doubt it's there, but I haven't looked too closely. I found the signing application (with banal hardcoded AES IV, which might be a security issue).
This particular leak is about software, there are no GPU schematics in it, for example.
I hope that NV has proper security practices for signing, and isn't just keeping the keys in the main repository. Having them outed would mean a lot of problems for everybody.


True, but NV had issues with nouveau providing scripts and methods of extracting the firmware files from the binary drivers in the past.
Unfortunately we are at NV's mercy because ultimately they own the hardware by having the firmware be signed.
Honestly, I'd love if they were outted. I see the benefits as far outweighing the problems.
ncrsUnfortunately we are at NV's mercy because ultimately they own the hardware by having the firmware be signed.
Not legally speaking. They just act like they do. But at least in usa, we have every right to defeat those protections on a personal level.
Posted on Reply
#25
ncrs
R-T-BHonestly, I'd love if they were outted. I see the benefits as far outweighing the problems.
Yeah I get the benefits :)
The potential problems I see are, for example:
  • fake GPUs - by flashing the firmware/BIOS you can simply lie about what the chip really is
  • malicious firmware - the GPU is a complex supercomputer running software on many internal cores, most of them have DMA to the entire host system or the facility to use DMA via other parts of the GPU, an IOMMU will only be effective if it's present (thank you Intel for segmentation) and properly configured (which is again a software and human issue)
Maybe it's just me being paranoid due to my work :P
Posted on Reply
Add your own comment
Dec 21st, 2024 11:44 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts