Nvidia’s hacked data is being actively used to disguise malware as legit files

In late February, the cyber gang calling itself Lapsus$ broke into Nvidia’s internal network and managed to steal a lot of sensitive data, from hashed login credentials to critical trade secrets behind the company’s chips. The hackers demanded that Nvidia remove the lock on its newer GPUs that automatically slows them down when mining cryptocurrency, and gave the company until March 4 to comply — or Lapsus$ would release those trade secrets. The cybercriminals have started making good on their threats, and now the fallout from their data dump threatens to help malware avoid detection.

The stolen info included some of the cryptographic certificates Nvidia uses so users can verify that drivers and executable files for their GPUs are authentic. As Bleeping Computer points out, hackers are now using those pilfered certificates to sign a variety of malware. This means cyberattackers can make malicious programs appear to be legit Nvidia software — and even though these are older, expired certificates, Windows will still load drivers signed with them.


Multiple types of malware have already been spotted masking themselves with these seemingly valid certificates, including a remote access trojan (RAT) called Quasar. Stratosphere Labs analyzed Quasar in 2019 and found — without naming a culprit — that it had been used in past cyberattacks against Ukraine. While Microsoft VP for OS Security and Enterprise David Weston tweeted that IT admins can configure defenses against the disguised malware, average users may need to be on their guard.
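For admins who want to see where such signatures already exist on a machine, here is an audit sketch added to this article (it is not from Nvidia, Microsoft or the reporting cited above). It lists signed binaries whose signing certificate has expired or matches a blocklist; the thumbprint value is a placeholder to be replaced with values from a trusted advisory, and the scan path and function name are assumptions.

```powershell
# Added example: find binaries signed with an expired or block-listed certificate.
# PLACEHOLDER thumbprint: replace with values published in a trusted advisory.
$BlockedThumbprints = @('<LEAKED-CERT-THUMBPRINT-PLACEHOLDER>')
$ScanRoot = Join-Path $env:SystemRoot 'System32\drivers'   # assumed scan location

function Get-SignerRisk {
    param(
        [Parameter(Mandatory)][string]$Path,
        [string[]]$Blocked = @()
    )
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path
    $cert = $sig.SignerCertificate
    if (-not $cert) { return }                    # no signer certificate to inspect

    $expired = $cert.NotAfter -lt (Get-Date)      # certificate validity has lapsed
    $listed  = $Blocked -contains $cert.Thumbprint
    if (-not ($expired -or $listed)) { return }

    [pscustomobject]@{
        Path        = $Path
        Subject     = $cert.Subject
        Thumbprint  = $cert.Thumbprint
        NotAfter    = $cert.NotAfter
        Expired     = $expired
        BlockListed = $listed
        # A missing countersignature means nothing attests to when the file was signed.
        Timestamped = [bool]$sig.TimeStamperCertificate
        Status      = $sig.Status
    }
}

Get-ChildItem -Path $ScanRoot -Recurse -File -Include *.sys, *.dll, *.exe `
        -ErrorAction SilentlyContinue |
    ForEach-Object { Get-SignerRisk -Path $_.FullName -Blocked $BlockedThumbprints } |
    Sort-Object BlockListed, Timestamped -Descending:$false |
    Format-Table Path, Subject, NotAfter, BlockListed, Timestamped, Status -AutoSize
```

Many legitimate older drivers carry expired but timestamped signatures, so treat the `Expired` rows as a review list and the `BlockListed` rows as the ones that need immediate attention.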

Lapsus$ also hacked Samsung, but at least in that case we haven’t seen any fallout that directly puts end users at any risk. For now, it’s still not totally clear just how much damage was truly done to Samsung or Nvidia — or whether this cyber gang is even done just yet.
