Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

Nvidia Allegedly Hacks Hackers Who Stole Company's Data (tomshardware.com) 57

According to Vx-underground on Twitter, Nvidia has reportedly retaliated against the hacker group that stole over 1TB of the company's data by sneaking back into the hacker's system and encrypting the stolen data. Tom's Hardware reports: LAPSU$, an extortion group in South America, had illegally tapped into Nvidia's mailing server and installed malware on the software distribution server. As a result, the hacker group purportedly extracted over 1TB of Nvidia's data. However, it's unknown what kind of data the hackers had stolen, whether Nvidia's or its clients' data. It would seem that Nvidia has identified the attackers. According to the Vx-underground's Twitter post and backed by screenshots, the chipmaker has infected the perpetrators' system with ransomware and encrypted the stolen data in response to the attack. The group claimed that it had a backup of the data, though.
This discussion has been archived. No new comments can be posted.

Nvidia Allegedly Hacks Hackers Who Stole Company's Data

Comments Filter:
  • They should have stolen all their remote access codes/passwords and destroyed those systems, send all their trusted contacts a trojan, rinse and repeat, before destroying all the systems on all the networks. If you are going to break the law then you might as well do it right and try to keep your secrets secret!

  • If John Neighbor admitted to hacking some computer system, he could face federal charges, even if it was in retaliation for it being done to him. Is it possible for Nvidia to be in/on a similar situation and having to face legal charges?
    • Is the hacker group going to sue them for it?
    • Yes, it is possible they broke some laws doing this (if the news is actually true). However, it would be difficult to prove any of this in court without a lot of legal discovery, and I'm sure Nvidia would have made a point not to leave a big corporate data trail.

      Other problems in prosecuting such a case:
      - identifying jurisdiction is a crap-shoot without some good evidence before discovery, so could end up being a huge waste of court time, even if they did manage to gather evidence
      - corporations aren't reall

      • by Arethan ( 223197 )

        Also along these lines is the legal issue of software providers using discovered exploits to patch vulnerable servers found in the wild, even when the server owners are negligent and don't install available patches on their own. Iirc, this quandary came up with a Microsoft bug in the early 2000's -- might have been the Slammer worm for SQL Server, but it's been too long for me to remember it all that clearly without doing a lot of research/digging.

      • All vadid points. Against that, the DOJ must weigh the risks of setting a really bad precedent.

    • by kmoser ( 1469707 )
      Nvidia could use the "stand your ground" defense: they had to hack the hackers because they felt threatened.
    • by Dogers ( 446369 )
      From some of the discussions on Twitter, it seems it's not a "hack back" - the hacking team joined their machine to Nvidias computer management system as part of the hack, so the DLP system kicked in to enforce the encrypted disks requirement. If true, it sounds more like the hacking team don't actually know what they're doing/done! :o
    • by ledow ( 319597 )

      Not a problem... have the purported victim stand up in court and identify themselves and provide the evidence that nVidia hacked them.

      I'm sure the hacking group will get straight on that.

      Also, as someone else says, it's likely that it's an automated corporate policy to encrypt drives as they're added to the network, with a key only nVidia knows... in which case even if someone WAS stupid enough to say "we deliberately broke into nVidia and stole their code but we want you to prosecute them for encrypting ou

  • The more-recent Tom's article posted earlier states:

    "Even less so is the purported reverse-hack Nvidia reportedly conducted on Lapsus$, where they attempted to ransomware their data back from the group. This has been confirmed by Lapsus$; but the group claims to already have copied and backed-up the data before the attempted intrusion, rendering Nvidia's efforts fruitless. "
  • ... wish they'd use their time to "hack" together a proper working linux video driver.

  • It is dangerous to hack crackers. Their machines might be full of unpleasant surprises like viruses, Trojans and other malware.
  • MICROS~1 strikes again /s

A conference is a gathering of important people who singly can do nothing but together can decide that nothing can be done. -- Fred Allen

Working...