The software and firmware data for Nvidia LHR (Lite Hash Rate) GPUs could soon be leaked online if Nvidia fails to meet the demands of the South American hacking group Lapsus$.
Details of the group’s plan to release the company’s proprietary data were first shared on its Telegram channel and if the data turns out to be authentic, it might stop graphics cards from falling in price as they could once again be used to mine for Bitcoin and other cryptocurrencies.
While the data itself has yet to be verified, Lapsus$ has already gone ahead and put up an announcement for the sale of information that may allow those mining for cryptocurrency to bypass Nvidia’s LHR which is implemented on GPUs featuring its GA102 and GA104 chips.
If the information stored in the 1TB of data stolen from Nvidia actually allows users to bypass LHR, the full power of the RTX 3060 all the way up to the RTX 3090 could be used to mine cryptocurrency. Even if this is the case though, Ethereum’s upcoming move to Proof of Stake (known as The Merge) would give those mining for cryptocurrency only a little time to make a return on their investment into Nvidia GPUs.
Request to remove the LHR limiter
In addition to threatening to leak proprietary company data including schematics, drivers, firmware, documentation, private tools and SDKs (Software Development Kits), Lapsus$ has also asked Nvidia to remove the LHR limiter on its own.
Should the company comply with this request, the group has promised not to leak and distribute a “HW folder” of stolen data. However, it seems odd that Lapsus$ would request for Nvidia to remove the LHR limiter in its recent GPUs when the group claims to have all of the necessary software to do so on its own.
Lapsus$ also claims to have obtained “everything about Falcon” from the company. For those unfamiliar, Falcon is a special class of microcontroller that ships inside all of Nvidia GPUs which handles a variety of roles from video decoding to memory copying to security.
Although Lapsus$ hasn’t been contacted by Nvidia yet, sources who have accessed the stolen data say that it matches the group’s claims. For its part, Nvidia did apparently try to hack the group itself by deploying ransomware intended to prevent its stolen data from being leaked. Unfortunately though, Lapsus$ had already backed up the data before the attack occurred.
We’ll have to wait and see if Lapsus$ does decide to release the stolen data but in the meantime, Nvidia is currently investigating the incident as the case with the recent cyberattack that reportedly took parts of its business offline.
Via Tom’s Hardware