Hackers create fake GPU drivers using stolen Nvidia data

The Nvidia hack has hit a worrying new low. After the Lapsus hacker group seized more than a terabyte of Nvidia data, including source code for DLSS and the private information of over 70,000 current and former employees, we’re now told hackers are using stolen security certificates to create fake GPU drivers that secretly contain malware.

TechPowerUp and BleepingComputer (via PC Gamer) report that these security certificates are used to create “a new breed of malware,” including Cobalt Strike beacons, Mimikatz, backdoors, and Remote Access Trojans (RATs). Since this malware contains Nvidia’s security certificate, it can infect your computer without triggering any antivirus software.



Code signing certificates allow Windows to determine the original source and ownership of software. If a certificate says the code is from a trusted source, Windows lets that code install without asking too many questions. If this certificate is not from a trusted source or is not there at all, Windows will issue a warning message or will not let this code run at all.



A security certificate from Nvidia means that hackers can create malware using Nvidia credentials to bypass the usual security checks Windows uses whenever it installs new software. This could lead to a lot of compromised computers if you download a file thinking it’s from Nvidia when it isn’t.

PC Gamer said there are two serial numbers to look up. Both are expired, but Windows will still let them through. If you download new drivers, be sure to check these numbers first.

  • 43BB437D609866286DD839E1D00309F5
  • 14781bc862e8dc503a559346f5dcc518

It only really matters if you manually download new Nvidia drivers. Drivers that download automatically through Nvidia Experience should be safe.
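The serial-number check described above can be scripted instead of done by hand in the file's Properties dialog. The following PowerShell is an added example, not code from the article or from Nvidia; the function name Test-LeakedNvidiaSigner and the Downloads path are assumptions, while Get-AuthenticodeSignature is the standard Windows cmdlet.

```powershell
# Serial numbers of the two leaked Nvidia certificates, as listed in the article.
# Normalised to upper case because X509Certificate2.SerialNumber is upper-case hex.
$LeakedSerials = @(
    '43BB437D609866286DD839E1D00309F5',
    '14781bc862e8dc503a559346f5dcc518'
) | ForEach-Object { $_.ToUpperInvariant() }

# Hypothetical helper name; not part of any Nvidia or Microsoft tooling.
function Test-LeakedNvidiaSigner {
    [CmdletBinding()]
    param(
        # Binds from -Path or from the FullName property of piped file objects.
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)]
        [Alias('FullName')]
        [string]$Path
    )
    process {
        $sig  = Get-AuthenticodeSignature -LiteralPath $Path
        $cert = $sig.SignerCertificate      # $null when the file is unsigned

        $serial = if ($cert) { $cert.SerialNumber.ToUpperInvariant() } else { $null }

        [pscustomobject]@{
            Path         = $Path
            # Status alone is not enough: per the article, Windows still
            # accepts these certificates even though both have expired.
            Status       = $sig.Status
            Subject      = if ($cert) { $cert.Subject } else { $null }
            Serial       = $serial
            NotAfter     = if ($cert) { $cert.NotAfter } else { $null }
            LeakedSigner = [bool]($serial -and ($LeakedSerials -contains $serial))
        }
    }
}

# Usage: list every executable, driver or DLL under a folder (placeholder path)
# whose signer certificate carries one of the two serial numbers.
Get-ChildItem "$env:USERPROFILE\Downloads" -Include *.exe, *.sys, *.dll -Recurse -File |
    Test-LeakedNvidiaSigner |
    Where-Object LeakedSigner
```

Any row returned should be treated as untrusted regardless of the Status column, and unsigned files show up with an empty Serial rather than a match.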

Lapsus has not stopped at Nvidia. The group also stole nearly 200 GB of data from Samsung, including source code and biometric data. Some of this data includes Samsung’s Trusted Applets code, so owners of Samsung devices might also have to worry about similar malware infecting their phones.
