Skip to main content

Nvidia Hackers Threaten to Release Mining-Limiter Killer

A hacker with a hood up looking at a computer screen.
(Image credit: Shutterstock)

South-America based hacking group Lapsus$ is threatening to disclose software and firmware data for Nvidia's LHR (Lite Hash Rate) mining performance limiter. The new information, gleaned from alleged screenshots from the group's Telegram activity, comes hot on the heels of last week's Nvidia hack - the details of which the company is keeping close to its chest. But the group appears to be confident in the quality of the stolen data, as they've already put up an announcement for the sale of data that could enable the bypass of Nvidia's LHR as implemented on the company's GA102 and GA104 chips.

Should Lapsus$' threat come to pass, that would mean that every Nvidia 3000-series card ranging from the RTX 3060 through the RTX 3090 could be again turned into a 100% mining performance powerhouse. Besides the obvious, immediate implications of higher profit rates for already-deployed mining systems, it's unclear how this move would affect the graphics card market. Considering how Ethereum's move to Proof of Stake - referred to as The Merge - is expected to conclude in the first half of this year, anyone investing in extra cryptocurrency mining hardware - read, Nvidia graphics cards - would have a limited time to make their investment back and actually turn a profit. This rings particularly true considering the cryptocurrency market's overall downtrend since the start of the year.

Screengrabs from Lapsus$' Telegram.

The purported Telegram activity of the Lapsus$ group. (Image credit: Videocardz)

That could deter many miners from actually doing another run at graphics cards - even as the market slowly returns to normal after more than two years of terrible supply and pricing scenarios. It is however interesting that the group is asking Nvidia to remove the LHR limiter by themselves, in exchange for a "HW folder" of stolen data not being leaked and distributed. Why the group would ask Nvidia to lift the mining limiter by themselves when the group claims to be selling an unlocker of sorts for most of Nvidia's RTX 3000-series line-up is unclear, and could cast some doubts on the legitimacy of the claims.

Lapsus$ seems to be doing what it can to pressure Nvidia to the negotiating table - whilst seemingly playing to the approval of the cryptocurrency mining community. The group claims to have stolen one Terabyte of sensitive information, including product schematics, driver and firmware data, documentation, private tools and SDKs (Software Development Kits), as well as "everything about Falcon". Falcon is a special class of microcontroller that ships inside all Nvidia GPUs, and takes on a variety of roles ranging from video decoding to memory copying - to security. Depending on the sensitivity of the stolen data, Falcon could thus be rendered an ineffective defense. The group claims that it still hasn't been contacted by Nvidia, and have in the meantime distributed part of the stolen data. Sources who have accessed said data have said it matches the group's claims.

There's at least the suspicion that the group's claims are true, and that they have indeed obtained valuable data within the 1 TB claimed to have been stolen. Nvidia's continued silence on the matter - saying only it's "investigating an incident" - isn't the usual corporation response in such cases. Even less so is the purported reverse-hack Nvidia reportedly conducted on Lapsus$, where they attempted to ransomware their data back from the group. This has been confirmed by Lapsus$; but the group claims to already have copied and backed-up the data before the attempted intrusion, rendering Nvidia's efforts fruitless. This cloak-and-dagger, back-and-forth dance between a mega-corporation such as Nvidia and a hacking group isn't par of the course - perhaps Nvidia really is taking a long time to assess how exactly this could impact its business. That, in turn, likely means the impact wouldn't be negligible.

Francisco Pires
Francisco Pires

Francisco Pires is a freelance news writer for Tom's Hardware with a soft side for quantum computing.

  • watzupken
    Its ironic. The hackers think that by releasing the mining limiter, its is going to hurt Nvidia? In actual fact, it will go the other way boosting their sales instead.
    Reply
  • DRagor
    "We both know lhr impact mining and gaming"

    What those guys are smoking? If anything, removing lhr from NVidia cards is going to put gamers in even worse situation.
    Reply
  • peachpuff
    Wait I've seen this before...
    Reply
  • bigdragon
    I saw this coming back when LHR was announced. Surprised it took this long for Nvidia to get breached. Huge financial incentive to getting the implementation details and source of the LHR implementation. Rather rare and risky for a company to hack back, so there must be some seriously important data in there.
    Reply
  • spongiemaster
    Why the group would ask Nvidia to lift the mining limiter by themselves when the group claims to be selling an unlocker of sorts for most of Nvidia's RTX 3000-series line-up is unclear, and could cast some doubts on the legitimacy of the claims.

    Because they don't have the ability to remove the limiter. There are so many working parts for the LHR limiter, this group probably didn't get everything that's needed to actually disable it in existing cards.
    Reply
  • drtweak
    I'm calling their bluff. Why ask them to remote it when they claim they can do it? And then what? Release it as malware with ransomware in it and make their money that way? HAHA
    Reply
  • hotaru251
    nvidia is one of those companies who will not cave to pressure.
    Reply
  • bigdragon
    drtweak said:
    I'm calling their bluff. Why ask them to remote it when they claim they can do it? And then what? Release it as malware with ransomware in it and make their money that way? HAHA
    I'm not sure it's a bluff. The hackers likely have all the source and implementation detail they need to devise a way to beat LHR. They likely don't have developers skilled enough in creating a defeat mechanism. Bullying Nvidia into creating and releasing a defeat mechanism is easier than trying to recruit skilled developers or find a buyer for such sensitive information. Breaking into and siphoning out data from a company like Nvidia is a different skill set than graphics pipeline and hardware interface coding.
    Reply
  • deV14nt
    I don't think mining is going to shrivel up and die if etherium falls out of favor. There are dozens of coins, some of which are sometimes more profitable than ETH. Such as CFX right now. Today. That's just a myth going around tech journalism circles.
    Reply
  • TJ Hooker
    deV14nt said:
    I don't think mining is going to shrivel up and die if etherium falls out of favor. There are dozens of coins, some of which are sometimes more profitable than ETH. Such as CFX right now. Today. That's just a myth going around tech journalism circles.
    That's only because the amount of cards mining CFX is minuscule compared to the amount mining ETH. If/when ETH goes PoS, all the hashing power from ETH moving away from ETH would be enough to tank mining profitability for the other non-ASIC-mined coins out there, unless their price also goes way up at the same time.
    Reply