Please note that this post is tagged as a rumor.
NVIDIA hacks the attackers
Vx-underground, a group that shares malware and virus samples, has reported on Twitter that the supposed NVIDIA ransomware attack was performed by a South American group called LAPSU$.
The group allegedly performed a ransomware attack on NVIDIA's internal servers and exfiltrated over 1TB of data. This claim has not been confirmed by NVIDIA, as the company has only confirmed it is investigating the incident.
Yesterday Bloomberg, citing its own sources, confirmed that NVIDIA was indeed hit by a ransomware attack, which partially confirms the news from vx-underground.
LAPSU$ extortion group, a group operating out of South America, claim to have breached NVIDIA and exfiltrated over 1TB of proprietary data.
LAPSU$ claims NVIDIA performed a hack back and states NVIDIA has successfully ransomed their machines
— vx-underground (@vxunderground) February 26, 2022
The most interesting part of this story is that NVIDIA allegedly hacked the group back by trying to encrypt the stolen data. However, the group has made a copy of it in a virtual-machine environment, which means such a counter-attack measure will be unsuccessful.
It appears that the hacking group gained access to employees' email accounts, which may explain why NVIDIA had trouble with its mailing systems for the past 2 days. The group also posted source code from NVIDIA drivers, but the true scope of this attack is still unknown.
Many thanks to TerpMike28 for the tip!