You may have heard by now that hackers have allegedly attacked Nvidia, but the culprits are still at large. According to a new report, the group “LAPSUS$” was behind the attack, and the group itself was targeted by a ransomware attack in retaliation.
According to vx-underground, the South American hacking group stole 1TB of confidential data from Nvidia's internal servers. Nvidia hasn't yet confirmed the attack, instead stating that it has been “investigating an incident”.
LAPSU$ extortion group, a group operating out of South America, claim to have breached NVIDIA and exfiltrated over 1TB of proprietary data.
LAPSU$ claims NVIDIA performed a hack back and states NVIDIA has successful ransomed their machines
— vx-underground (@vxunderground) February 26, 2022
Ironically, the hacker's group said Nvidia had hacked them back, accusing them of being criminals. In a statement, the group says the chip manufacturer has encrypted their hard drives, but it claims to have a backup with the stolen data.
In another tweet shared by vx-underground, the hackers explain how Nvidia got them back. When the hackers got into Nvidia's network, they did it through an employee's VPN. That forced them to enrol a VM into Nvidia's MDM (Mobile Device Management), which the company obviously has access to and can see who's using it.
As it seems, the hackers have attacked Nvidia via the email accounts of some of its employees. This could explain the email issues reported by other media outlets. For now, it seems the group has only leaked source code from Nvidia drivers, leaving us wondering what the actual reason behind the attack was.
Discuss on our Facebook page, HERE.
KitGuru says: Nvidia should have an official update on its investigation into the attack later this week.