Monday, February 28th 2022

Hackers Threaten to Release NVIDIA GPU Drivers Code, Firmware, and Hash Rate Limiter Bypass

Updated by
AleksandarK
 Updated: Discuss (51 Comments)
A few days ago, we found out that NVIDIA corporation has been hacked and that attackers managed to steal around 1 TB of sensitive data from the company. This includes various kinds of files like GPU driver and GPU firmware source codes and something a bit more interesting. The LAPSUS$ hacking group responsible for the attack is now threatening to "help mining and gaming community" by releasing a bypass solution for the Lite Hash Rate (LHR) GPU hash rate limiter. As the group notes, the full LHR V2 workaround for anything between GA102-GA104 is on sale and is ready for further spreading.

Additionally, the hacking group is making blackmailing claims that the company should remove the LHR from its software or share details of the "hw folder," presumably a hardware folder with various confidential schematics and hardware information. NVIDIA did not respond to these claims and had no official statement regarding the situation other than acknowledging that they are investigating an incident.

Update 01:01 UTC: The hackers have released part of their files to the public. It's a 18.8 GB RAR file, which uncompresses to over 400,000 (!) files occupying 75 GB, it's mostly source code.
Source: VideoCardz

Related News

Add your own comment

51 Comments on Hackers Threaten to Release NVIDIA GPU Drivers Code, Firmware, and Hash Rate Limiter Bypass

#26
R-T-B
I'm a security researcher in the firmware world so I'm aware of the risks. I'll fully admit, I may simply be biased because those risks are less likely to affect me personally.
Posted on Reply
#27
Bomby569
ncrsYeah I get the benefits :)
The potential problems I see are, for example:
  • fake GPUs - by flashing the firmware/BIOS you can simply lie about what the chip really is
  • malicious firmware - the GPU is a complex supercomputer running software on many internal cores, most of them have DMA to the entire host system or the facility to use DMA via other parts of the GPU, an IOMMU will only be effective if it's present (thank you Intel for segmentation) and properly configured (which is again a software and human issue)
Maybe it's just me being paranoid due to my work :p
you can say that from any open software. So it should all be closed and proprietary because of it? That's a false question. Besides there's already fake gpu's around.
Posted on Reply
#28
R-T-B
Bomby569you can say that from any open software. So it should all be closed and proprietary because of it? That's a false question. Besides there's already fake gpu's around.
Yes, but present fake gpus are reliant on old chips with unsigned firmware.
Posted on Reply
#29
enzolt
I feel like this is such a win for Nvidia drivers for Linux...
Not to mention the artificial limiters Nvidia puts for video transcoding for Plex etc...
Posted on Reply
#30
Bomby569
R-T-BYes, but present fake gpus are reliant on old chips with unsigned firmware.
you can search the internet, some they don't even care to change the firmware, they just sell a fake gpu. In some cases you actually get a fake but better working gpu anyway
Posted on Reply
#31
R-T-B
Bomby569you can search the internet, some they don't even care to change the firmware, they just sell a fake gpu.
That literally makes no sense at all. That would be a normal gpu, just outdated and mislabled.

I'd be very careful assuming I don't know this market.
Posted on Reply
#32
Bomby569
R-T-BThat literally makes no sense at all. That would be a normal gpu, just outdated and mislabled.
that! they say it's a 1050ti or whatever, but inside there's one of those old gpus like 450 idk
Posted on Reply
#33
zlobby
lexluthermiesterSpoken like a tyrant. That statement is as much nonsense as it is bereft of conscience..
All I'm offering is the truth. The notion of dread one may feel during the realization is something I can't control.

Here is a mind cookie - what if I tell you that I can prove it to you 100%, no doubts, no ambiguity, no uncertainty? Are you willing to take the risk, only to find out that it's true?

But I can promise that even a million miles away from out pale bule dot, nobody knows or cares about borders, brands, presidents, religions, etc. And in cosmic terms a million miles is what the distance between two adjacent keys on the keyboard is to you.
Posted on Reply
#34
enzolt
zlobbyAll I'm offering is the truth. The notion of dread one may feel during the realization is something I can't control.

Here is a mind cookie - what if I tell you that I can prove it to you 100%, no doubts, no ambiguity, no uncertainty? Are you willing to take the risk, only to find out that it's true?

But I can promise that even a million miles away from out pale bule dot, nobody knows or cares about borders, brands, presidents, religions, etc. And in cosmic terms a million miles is what the distance between two adjacent keys on the keyboard is to you.
Man..where do you get your weed from?
Posted on Reply
#35
zlobby
enzoltMan..where do you get your weed from?
Weed alone don't do that. Even if I'm trully loco, are you willing to give it a thought, if only for the lulz? Just to see where the rabbit hole ends?
Posted on Reply
#36
R-T-B
Bomby569that! they say it's a 1050ti or whatever, but inside there's one of those old gpus like 450 idk
Ah that's just rebranding fraud. Hard to avoid that obviously. I see what you mean.
Posted on Reply
#37
Ibizadr
This is the play off the decade... One week ago worldwide tech fóruns claim:"someone on github create an rtx bypass"
1week after
nVidia: "whaaat? Test it out to see if they can bypass us."

Get rekt by hackers probably from the same creator off the lhr bypass since they claimed a v2 off their software.
Posted on Reply
#38
zlobby
IbizadrThis is the play off the decade... One week ago worldwide tech fóruns claim:"someone on github create an rtx bypass"
1week after
nVidia: "whaaat? Test it out to see if they can bypass us."

Get rekt by hackers probably from the same creator off the lhr bypass since they claimed a v2 off their software.
Sounds plausible. Either way it's a true 3D experience that goes well with popcorn. :D
Posted on Reply
#39
Steevo
The possibility of fake GPUs VS finding out what’s in the black box of Physx that Nvidia has gimped around would be worth it to me. I don’t buy GPUs from other than retail or reputable sellers so it’s not an issue for me.

As far as malware at the firmware level that would have to be a hell of a good writer to get firmware on a machine, flash the GPU, and then load software from compromised drivers. Mobo bios malware was a thing but it’s was so niche that it wasn’t very useable and expanding its abilities caused things like boot sector writes and memory remap that was easy to spot, and with random addressing it’s going to be extremely hard for it to happen on a GPU.
Posted on Reply
#40
Axaion
"helping gamers" lmao right
Posted on Reply
#41
Fluffmeister
Axaion"helping gamers" lmao right
Indeed, it's like asking Putin to not buy such long tables, then he might actually be able to hear his advisors.

Either way, another record quarter for Nvidia incoming either way these twats want to slice it.
Posted on Reply
#42
lexluthermiester
R-T-BNot legally speaking. They just act like they do. But at least in usa, we have every right to defeat those protections on a personal level.
This Is correct.
R-T-BYes, but present fake gpus are reliant on old chips with unsigned firmware.
And this is one of the many reasons why they started the VBIOS encryption + driver signing scheme. We will not see "fake" cards on modern GPU's..
Posted on Reply
#43
Upgrayedd
LHR is bad people. The only place it truly benefits is Nvidia themselves. FE cards are the only FHR cards being produced still and AIB LHR cards still fly off the shelf.
Posted on Reply
#44
lexluthermiester
UpgrayeddLHR is bad people. The only place it truly benefits is Nvidia themselves. FE cards are the only FHR cards being produced still and AIB LHR cards still fly off the shelf.
Actually, the LHR move was triple fold. 1, they wanted to motivate the mining community to do something else, and 2, they wanted to limit the amount of wear put on the card being used to mine to prevent damage to the cards, which leads into point 3, this also would limit RMAs and minimize damage to the NVidia brand name as a result.
Posted on Reply
#45
eidairaman1
The Exiled Airman
lexluthermiesterActually, the LHR move was triple fold. 1, they wanted to motivate the mining community to do something else, and 2, they wanted to limit the amount of wear put on the card being used to mine to prevent damage to the cards, which leads into point 3, this also would limit RMAs and minimize damage to the NVidia brand name as a result.
LHR are for "gamers"
Posted on Reply
#46
TheUn4seen
Oh come on guys, wait untill I sell my unlocked/FHR 3080 until you publish the LHR bypass.
But honestly, I'm going to paraphrase one of the modern day heroes and say "f*uck you, corporate scum". The fun part is, of course, he said that about nVidia specifically.
Posted on Reply
#48
Jhart1228
Ethical hacking at it's best. In these trying times I thank you for making my shrinking dollar go just that wee bit farther.
Posted on Reply
#49
cellar door
R-T-BDid you read the article? They are.


Bios sig keys can't though. They would be a great boon to the likes of nouveau on linux.
Do you understand the premise?
Posted on Reply
#50
Cutechri
enzoltMan..where do you get your weed from?
Yeah how dare you say anything out of the norm, must be weed. :rolleyes:
Posted on Reply
Add your own comment
Nov 21st, 2024 11:03 EST change timezone

Latest GPU Drivers

New Forum Posts

Popular Reviews

Controversial News Posts