Wednesday, May 25, 2022
728x90-1

Hackers are using Stolen Nvidia certificates to authenticate malware

- Advertisement -

Hackers that broke into Nvidia’s network disclosed a stockpile of stolen data, including genuine code-signing certificates presently being exploited in the wild. Several security experts have obtained instances of suspicious software payloads that leverage at least two of Nvidia’s digital certificates, according to reports. In a tweet on Friday, threat expert Mehmet Ergene detected many malicious files signed with one of the Nvidia certificates.

The certificates were purportedly provided as a current data payload by criminal hackers linked to the Lapsus$ ransomware group. The organisation claimed to have gained access to Nvidia’s business network and a large internal data cache.

Even though one of the security certificates is old, dating back to 2014, it is still valid for Windows systems. As a result, attackers can utilise the certificate to make their malware payloads appear legitimate AMD software updates.

728x90-1

Nvidia has yet to reply to a request for comment on the certificates’ publication. Although researchers have released Yara rules that administrators may employ to detect and stop malicious downloads, many end users may still be vulnerable to malware payloads masquerading as Nvidia graphics card firmware or software upgrades.

“On February 23, 2022, NVIDIA became aware of a cybersecurity incident which impacted IT resources,” Nvidia said in a statement earlier this week. “Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts, and notified law enforcement.”

Nvidia
NVIDIA certificates used to sign malware, Source: Florian Roth

Hackers are using Stolen Nvidia certificates to authenticate malware

Nvidia has stated that the network intrusion had no impact on its day-to-day operations and did not expect it to alter. Meanwhile, the Lapsus$ hackers have threatened to expose more Nvidia material, including technical insights about future GPU designs and graphics card platforms.

- Advertisement -

The group’s primary demand is that Nvidia releases its graphics card drivers as open-source projects, which would allow developers to optimise the hardware better and add new features.

Nvidia
NVIDIA certificates used to sign malware, Source: Florian Roth

The hacker group specifically requests that Nvidia eliminate its Lite Hash Rate (LHR) limits, limiting GPUs’ ability to compute the equations required to mine cryptocurrencies. Nvidia used LHR to reduce the gaming sector’s mining purchases of graphics cards, which resulted in a vast product shortage.

Also Read:

NVIDIA hackers have now targeted Samsung in their latest heist

Source

- Advertisement -
spot_img
Nivedita Bangari
Nivedita Bangari
I am a software engineer by profession and technology is my love, learning and playing with new technologies is my passion.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Articles

More To Consider

Stay Connected

13,642FansLike
62FollowersFollow
154FollowersFollow
Boat Lifestyle [CPS] IN

Hot Topics

spot_img

Latest Articles

Trending

Featured

Adblocker detected! Please consider reading this notice.

We've detected that you are using AdBlock Plus or some other adblocking software which is preventing the page from fully loading.

We don't have any banner, Flash, animation, obnoxious sound, or popup ad. We do not implement these annoying types of ads!

We need money to operate the site, and almost all of it comes from our online advertising.

Please add technosports.co.in to your ad blocking whitelist or disable your adblocking software.

×