Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Hackers stole top-secret GPU details — then Nvidia hit back

Following a cyberattack that took Nvidia’s systems offline for two days last week, the hacking group behind the initial breach has now revealed it has allegedly gained access to over 1TB of data from the tech giant.

When the attack was originally reported on Friday, there wasn’t too much information provided beyond the fact that Nvidia was “investigating an incident.” However, over the weekend, there were some extremely interesting developments pertaining to the situation, which includes purported retaliation by Nvidia.

Jacob Roach / Digital Trends

Cyber breach details reveal extent of hack

Firstly, ​​hacking group LAPSUS$ stated that the hack it carried out resulted in gaining entry to Nvidia’s servers for about an entire week. As a result of this unprecedented access, it says it was able to extract 1TB of data, including schematics, drivers, firmware, and more.

Recommended Videos

“We also have documentation, private tools and SDKs, and everything about falcon [microprocessors for NVIDIA GPUs based on a custom architecture], we know what is valuable,” the South American group explained on Telegram.

Get your weekly teardown of the tech behind PC gaming
Check your inbox!

According to VideoCardz, the group has released the first batch of the leak. The publication’s sources indicate that the “partial data included in the package appears to match the claims.”

One important piece of data originating from the hack the group claims it now has in its possession is an LHR V2 bypass for GA102-GA104 GPUs. As reported by VideoCardz, that means LAPSUS$ located the main algorithm used to implement the cryptocurrency mining hash rate limiter that Nvidia applied to its RTX 30-series of graphics cards in 2021. It says it is currently selling the LHR V2 bypass, but added that the group hopes Nvidia removes it soon.

Most recently, a tool that was claimed to remove the mining limits imposed on various Nvidia GPUs was proven to be malware. But if these hackers’ assertion that they stole the algorithm behind the limiter is actually true, then a program to unlock full mining performance for some of the most popular video cards may very well materialize in the near future.

The Telegram posts detailing the Nvidia cyberattack.
Image source: VideoCardz Image used with permission by copyright holder

As detailed in its Telegram posts revealing the extent of the hack, the group said that in an effort to “help” the mining and gaming communities, it wants Nvidia to “push an update for all 30-series firmware that remove every LHR limitation.” If the company does not meet this specific demand, LAPSUS$ threatens to leak the “hw folder.”

Moreover, should Nvidia fail to contact the hackers, the group “will take actions.” While the exact motive behind the hack may potentially be related to extracting as much monetary value as it can, LAPSUS$ stresses the attack is not politically motivated, nor is it state-sponsored.

Nvidia fights back

In an interesting turn of events over the weekend, Nvidia has seemingly fought back by, well, hacking the hackers. According to a tweet from vx-underground, as reported by Kitguru, Team Green “performed a hack back” and subsequently “ransomed [the group’s] machines.” A statement from the group further elaborated on Nvidia’s actions, apparently confirming that the firm encrypted its hard drives. However, LAPSUS$ asserts it was able to generate a backup containing the breached data.

LAPSUS$ commented on Nvidia’s alleged counterattack in another Telegram post. Access to the GPU and chip manufacturer’s VPN required the PC “to be enrolled in MDM (Mobile Device Management).” Due to this method that was utilized by the hackers to initially infiltrate Nvidia’s systems, the firm was “able to connect to a VM [virtual machine] we use.”

“Yes they successfully encrypted the data. However we have a backup,” it added.

Either way, it’s unheard of for a company of Nvidia’s size to initiate its own counterassault of this nature, regardless of whether it was in the form of a hack or not.

As for Nvidia’s acknowledgement of the purported exploits, it confirmed it is “investigating an incident” on Friday. Beyond that admission, LAPSUS$ said the company “filed [an] abuse report.”

Elsewhere, as reported by Bloomberg, Nvidia said its “business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don’t have any additional information to share at this time.” Additionally, a Bloomberg source familiar with the matter said the cyber breach “looks to be relatively minor and not fueled by geopolitical tensions.”

News of the cyberattack failed to negatively impact Nvidia’s stock prices. Instead, shares actually increased by 1.7% to $241.57 when the markets closed on Friday. That said, Bloomberg highlights how stocks for the chipmaker (with the company valued north of $600 billion) have been on a downward trend during 2022 thus far (by 18% to be exact).

The hack comes at a time when Nvidia’s proposed $66 billion acquisition of British chip designer ARM was officially canceled amid intense regulatory pressure from several governmental bodies.

Zak Islam
Former Digital Trends Contributor
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
Nvidia may keep producing one RTX 40 GPU, and it’s not the one we want
The Alienware m16 R2 on a white desk.

The last few weeks brought us a slew of rumors about Nvidia potentially sunsetting most of the RTX 40-series graphics cards. However, a new update reveals that one GPU might remain in production long after other GPUs are no longer being produced. Unfortunately, it's a GPU that would struggle to rank among Nvidia's best graphics cards. I'm talking about the RTX 4050 -- a card that only appears in laptops.

The scoop comes from a leaker on Weibo and was first spotted by Wccftech. The leaker states that the RTX 4050 is "the only 40-series laptop GPU that Nvidia will continue to supply" after the highly anticipated launch of the RTX 50-series. Unsurprisingly, the tipster also reveals that the fact that both the RTX 4050 and the RTX 5050 will be readily available at the same time will also impact the pricing of the next-gen card.

Read more
This may be your last chance to buy an RTX 40-series GPU at MSRP
Nvidia GeForce RTX 4090 GPU.

Just last week, we reported on the end of production for the RTX 40-series. Now, new information from Board Channels (shared by Gazlog) suggests that the final shipments of Nvidia's best graphics cards are right around the corner. Some GPUs, like the RTX 4090, have already seen their final shipments. With the holidays on the horizon, now might be the last time to buy the RTX 40-series at a decent price before stock levels begin dwindling.

Despite being two years old, Nvidia's RTX 40-series has held up in terms of GPU prices. Only the RTX 4090 went up from its original recommended list price (MSRP), with the rest of the lineup  holding steady and mostly hovering around the launch price. Things might take a turn for the worse, though, if this report ends up being true.

Read more
Nvidia RTX 50-series GPUs: everything we know so far
RTX 4070 seen from the side.

Nvidia already makes some of the best graphics cards, but it's also not resting on its laurels. The RTX 40-series, which has been bolstered by a refresh, is now over two years old, and Nvidia is hard at work on the next generation of GPUs.

The release date of RTX 50-series GPUs is still at least over a month away, but various rumors and leaks give us a better idea of what to expect. Here's everything we know about Nvidia's upcoming generation of graphics cards.
RTX 50-series: pricing and release date

Read more