Nvidia breached by attackers who seem shocked by hack-back
Ian King and William Turton report:
A cyber breach suffered by Nvidia Corp. in recent days appears to have been a ransomware attack that’s not connected to the crisis in Ukraine, according to a person familiar with the incident.
The hack looks to be relatively minor and not fueled by geopolitical tensions, said the person, who asked not to be identified because the details aren’t public.
Read more at Bloomberg.
The attackers are a Brazilian group calling themselves LAPSUS$ and have posted a running update on their Telegram channel. In one astonishing entry, they complain that Nvidia has hacked back.
LAPSUS$, [2/26/2022 1:02 AM] EVERYONE!!! NVIDIA ARE CRIMINALS!!!!!!!!!
SOME DAYS AGO A ATTACK AGAINST NVIDIA AND STOLE 1TB OF CONFIDENTIAL DATA!!!!!!
TODAY WOKE UP AND FOUND NVIDIA SCUM HAD ATTACKED **THE** MACHINE WITH RANSOMWARE…….
LUCKILY IT HAD A BACKUP BUT WHY THE FUCK THEY THINK THEY CAN CONNECT TO THE PRIVATE MACHINE AND INSTALL RANSOMWARE!!!!!!!!!!!
[Where is my shocked face when I really need it? But wait, there’s more — Dissent]
LAPSUS$, [2/26/2022 1:03 AM] (100% DISK USAGE) from nvidia ENCRYPTING **THE** DRIVES!!!!!!!!!!![…]
LAPSUS$, [2/26/2022 1:42 AM] We are not sure how will we leak the data yet. We think it will be in 5 different releases, its very large almost 1tb
On another note, If Nvidia contact us in email, and pay a fee. Will will ensure the data isn’t leaked.
WE EXPECT INITAL CONTACT ON OR BEFORE FRIDAY[redacted]@ctemplar.com
NOTE: Nvidia has not confirmed that there was any hack-back or retaliatory action. This post will be updated if they do issue a statement about this claim.