Monday, February 28th 2022
Hackers Threaten to Release NVIDIA GPU Drivers Code, Firmware, and Hash Rate Limiter Bypass
A few days ago, we found out that NVIDIA corporation has been hacked and that attackers managed to steal around 1 TB of sensitive data from the company. This includes various kinds of files like GPU driver and GPU firmware source codes and something a bit more interesting. The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter. As the group notes, the full LHR V2 workaround for anything between GA102-GA104 is on sale and is ready for further spreading.
Additionally, the hacking group is making blackmailing claims that the company should remove the LHR from its software or share details of the "hw folder," presumably a hardware folder with various confidential schematics and hardware information. NVIDIA did not respond to these claims and had no official statement regarding the situation other than acknowledging that they are investigating an incident.
Update 01:01 UTC: The hackers have released part of their files to the public. It's a 18.8 GB RAR file, which uncompresses to over 400,000 (!) files occupying 75 GB, it's mostly source code.
Source:
VideoCardz
Additionally, the hacking group is making blackmailing claims that the company should remove the LHR from its software or share details of the "hw folder," presumably a hardware folder with various confidential schematics and hardware information. NVIDIA did not respond to these claims and had no official statement regarding the situation other than acknowledging that they are investigating an incident.
51 Comments on Hackers Threaten to Release NVIDIA GPU Drivers Code, Firmware, and Hash Rate Limiter Bypass
Who ever made up this story, didn't think it through properly...
hmmmm I’m not sure how that will help gaming community but what do I know.
Universe doesn't distinguish between good and evil, morale, pride, and so on. One simple truth - causality.
On to a scenario then; When the next bull market arrives and rockets cryptos to new heights, gamers will be able to sell their cards at the prices they bought these cards, hopefully by that time, they will also have saved up another few $100's and buy a new RTX5000 or whatever might be available at that time.
I hate this whole situation; In the meantime, I am happily playing my games. My baby will never see the inside of a mine while it's in my possession. :love:
The only bad part is the compute unlock and whatever optimizations they have spent time on might be of interest to competitors, of which there is really Intel that could use a lesson in drivers, but I’m sure even Intel has some test machines running that can spit out raw code. I bet AMD does too.
The groundwork is all there.
This particular leak is about software, there are no GPU schematics in it, for example.
I hope that NV has proper security practices for signing, and isn't just keeping the keys in the main repository. Having them outed would mean a lot of problems for everybody.True, but NV had issues with nouveau providing scripts and methods of extracting the firmware files from the binary drivers in the past.
Unfortunately we are at NV's mercy because ultimately they own the hardware by having the firmware be signed.
The potential problems I see are, for example:
- fake GPUs - by flashing the firmware/BIOS you can simply lie about what the chip really is
- malicious firmware - the GPU is a complex supercomputer running software on many internal cores, most of them have DMA to the entire host system or the facility to use DMA via other parts of the GPU, an IOMMU will only be effective if it's present (thank you Intel for segmentation) and properly configured (which is again a software and human issue)
Maybe it's just me being paranoid due to my work :P