Nvidia yesterday launched an investigation into a hacker group that stole over 1TB of the chipmaker's data. Underground group, Vx-underground, has shared on its Twitter account that Nvidia has reportedly retaliated by sneaking back into the hacker's system and encrypting the stolen data.
LAPSU$, an extortion group in South America, had illegally tapped into Nvidia's mailing server and installed malware on the software distribution server. As a result, the hacker group purportedly extracted over 1TB of Nvidia's data. However, it's unknown what kind of data the hackers had stolen, whether Nvidia's or its clients' data. Nvidia's spokesman didn't share any details other than the company was looking into the breach.
It would seem that Nvidia has identified the attackers. According to the Vx-underground's Twitter post and backed by screenshots, the chipmaker has infected the perpetrators' system with ransomware and encrypted the stolen data in response to the attack. The group claimed that it had a backup of the data, though.
LAPSU$ extortion group, a group operating out of South America, claim to have breached NVIDIA and exfiltrated over 1TB of proprietary data.LAPSU$ claims NVIDIA performed a hack back and states NVIDIA has successful ransomed their machinesIntel and photos courtesy of @S0ufi4n3 pic.twitter.com/fXcTNqgIpWFebruary 26, 2022
It's not Nvidia's first time to the rodeo, either. The chipmaker, along with a list of big-name corporations, including Intel, was victim to the SolarWinds hack back in 2020.
Nonetheless, it's not every day that you see companies take matters into their own hands as the majority of the victims hand the case over to the authorities. On the other hand, Nvidia was allegedly more proactive and launched a cyberattack on hackers. Unfortunately, if the group's claim to having a backup is valid, Nvidia's effort may have been in vain.
They should make it Really Freaking Hurt the hackers.
The Way it's meant to be played
And we can't even be sure that Nvidia even was responsible for the retaliatory attack against the hackers. It was probably someone else. As the previous article stated...
Legal "self-help" is allowed in many cases. Encrypting your own data stolen from you by criminal actors is well within the bounds of legal principles. It's just like finding your stolen bike on the thief's porch and walking up and taking it back.
This means Nvidia could be hacking others or oculd be building backdoors in its own hardware.....