An Update On The NVIDIA Cyberattack
The fallout from the breach at NVIDIA continues to grow, with some serious repercussions for users spotted by The Register. The data stolen from NVIDIA seems to have included two signing certificates, and two binaries taking advantage of this have already appeared in the wild. The certificates mean that dastardly nogoodniks are able to write their own code, which can do whatever their diabolical imagination can come up with, and it will appear to be valid NVIDIA software and thus will not be blocked by Windows. As far as your operating system is concerned the files are perfectly valid, and the same will go for many antivirus programs until new certificates can be created and distributed and the old certs revoked. You might want to hold off on updating your drivers for a wee bit, along with any NVIDIA apps you might want.
In addition to the certificates and the other fallout Sebastian listed about the NVIDIA cyberattack, the details of 71,335 NVIDIA employee accounts were purloined and some have been published to the web. We have already seen information on NVIDIA DLSS technology and upcoming architectures that the hackers discovered in the ~250GB of data they exfiltrated, but as of yet not much about NVIDIA’s AI libraries like NV-Torch and NV-Caffe. Those deep learning systems are used by customers in applications you really don’t want to be subverted.
This is all because a bunch of miners are upset that NVIDIA dared to produce LHR GPUs which prevented efficient processing of the Ethereum algorithm. NVIDIA has not made all cards low hash rate; the small percentage of models with low hash rates were released in a desperate attempt to ensure at least some of their GPUs ended up in the hands of gamers. Apparently, even just releasing a tiny number of cards that aren’t built for cryptokiddies is enough for them to throw a huge tantrum.
Indeed, they are so upset that they have also released 190GB of stolen data from Samsung, as you can read below. With such inane behaviour, the semi-reasonable demands for open sourcing NVIDIA drivers are lost behind their screams and threats to hold their breath until they turn blue.
At least two binaries not developed by Nvidia, but signed this week with its stolen cert, making them appear to be Nvidia programs, have appeared in malware sample database VirusTotal.
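Because Windows reports files signed with the stolen certificates as perfectly valid, a check has to match on the signing certificate itself rather than on signature status. The following is an added example, not code from NVIDIA, The Register or this article: the function name and scan paths are assumptions, and the thumbprints are placeholders to be filled in from a vendor advisory.

```powershell
# Added example: flag files whose Authenticode signer is a known-compromised cert.
# Placeholders only; the article does not list the certificate thumbprints.
$CompromisedThumbprints = @(
    '<THUMBPRINT-OF-STOLEN-CERT-1>',
    '<THUMBPRINT-OF-STOLEN-CERT-2>'
)

# Hypothetical helper name, chosen for this illustration.
function Find-CompromisedSignerFile {
    param(
        [Parameter(Mandatory)][string[]]$Path,
        [Parameter(Mandatory)][string[]]$Thumbprint
    )
    # Normalise pasted thumbprints (strip spaces, upper-case) before comparing.
    $blocked = $Thumbprint | ForEach-Object { ($_ -replace '\s', '').ToUpperInvariant() }

    Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.dll, *.sys -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $cert = $sig.SignerCertificate
            if ($null -eq $cert) { return }   # unsigned file, skip to the next one

            # Match on certificate identity: Status can read 'Valid' for a
            # malicious file signed with a stolen but unrevoked certificate.
            if ($blocked -contains $cert.Thumbprint.ToUpperInvariant()) {
                [pscustomobject]@{
                    File        = $_.FullName
                    Status      = $sig.Status
                    Subject     = $cert.Subject
                    Thumbprint  = $cert.Thumbprint
                    NotAfter    = $cert.NotAfter
                    Timestamped = [bool]$sig.TimeStamperCertificate
                }
            }
        }
}

# Scan locations are assumptions; use wherever downloaded or dropped files land.
Find-CompromisedSignerFile -Path "$env:USERPROFILE\Downloads", $env:TEMP `
    -Thumbprint $CompromisedThumbprints | Format-Table -AutoSize
```

Any row in the output deserves investigation regardless of its `Status` column, since a stolen certificate produces a cryptographically correct signature.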