LAPSUS$ Ransomware Gang Attacks Nvidia

The LAPSUS$ ransomware gang has attacked Nvidia. According to a security bulletin released by the company on March 8th, 2022, "NVIDIA became aware of a cybersecurity incident which impacted IT resources." The GPU manufacturer reportedly hardened its network in response to the attack and notified law enforcement agencies.

LAPSUS$ Demands

LAPSUS$ claimed it was seeking the removal of the lite hast rate (LHR) limitations in all GeForce 30 series firmware to aid gamers and crypto miners. Nvidia LHR graphics cards detect when they're being used for Ethereum (ETH) cryptocurrency mining and automatically halve the hash rate.

Impact of the Attack

Impacted data included over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community.

History of LAPSUS$

LAPSUS$ first emerged in late 2021 with a ransomware attack against the Brazilian Ministry of Health but was thought to be inactive after a series of arrests of its core members in the spring of 2022 despite taking credit for attacks on Uber and Rockstar Games while members were incarcerated. LAPSUS$ did not operate as a RaaS. Considered inactive by April 2022 following multiple arrests; some believe they re-emerged in September 2022 with attacks against Uber and Rockstar Games that prompted more arrests.