The hackers who attacked NVIDIA earlier this week are currently making an unusual demand. They want Nvidia to open source their GPU drivers, disable LHR and pay a ransom amount.
Note that the LHR feature mentioned in the demand stands for "Lite Hash Rate." Cybercriminals claim that disabling it will "help the mining and gaming community."
NVIDIA Leak: The Lapsus$ Demands
Sources from Artechnica discuss the details of these demands. The cybercriminal group Lapsus$ reportedly claimed in broken English that "We want NVIDIA to push an update for all 30 series firmware that remove every LHR limitations otherwise we will leak HW folder."
For reference, LHR is a feature that NVIDIA introduced in February 2021, which was installed on the GeForce RTX 3060, 3060 Ti, 3070, and 3080 graphics cards. This feature was established to make graphics cards less desirable to crypto miners and discourage them from buying gaming-issued units. LHR works by limiting the hash rate of mining efficiency by approximately 50%.
It seems the feature was a bit too effective because it created some frustration on the cybercriminal's part. The modified demand issued to NVIDIA said that if the GPU drivers are not open-source by Friday, March 4, then the hackers would "release the entire silicon chip files so that everyone not only knows your driver's secrets but also your most closely-guarded trade secrets for graphics and computer chipsets too."
NVIDIA Data Breach: Will They Comply With the Demand?
NVIDIA officially acknowledged the breach earlier this week. However, they have yet to share their plans and countermeasures about the cyberattack.
In a statement published on Tuesday, March 1, NVIDIA emphasized, "We do not anticipate any disruption to our business or our ability to serve our customers as a result of the incident." This implies that although they acknowledged the breach, they are fully confident in the security countermeasures that are currently being set.
To the shock of many fans, NVIDIA might have actually fought back against Lapsus$. Twitter user Soufiane Tahiri summarized it by saying, "Lapsus is claiming attacks on NVIDIA , then NVIDIA hit(s) back with a ransomware."
It is important to note that throughout these ongoing issues, NVIDIA never confirmed whether it was Lapsus$ who breached their networks. They also did not elaborate on the stolen data, or whether it would match the ones the hackers were threatening to leak.
Due to the elusive nature of NVIDIA and the cybercriminals, it is hard to determine which side is winning the digital battle. It is also unclear whether NVIDIA managed to recover its stolen files during their alleged attack.
Since the cybercriminals claim that a leak might happen later this week, interested fans are recommended to watch out for more updates. iTech Post will also report any new information as soon as it becomes available.
Related Article: NVIDIA Confirms Data Breach, Hackers Leak Next-Gen GeForce GPU Names