Last month, Nvidia was the target of the LAPSUS $ hacker group, which stole more than 1TB of company data, but now Nvidia is in trouble again.
The attackers also gave Nvidia a list of requests, and if Nvidia fulfills them, the hackers will not publish the company’s data. Nvidia did not meet the mentioned requirements, which resulted in the data being published online. The data includes Nvidia‘s DLSS source code and a set of expired software logging certificates.
Bleeping Computer reports that malware creators used Nvidia software with software login certificates to disguise their malicious software to look reliable. Although Nvidia’s stolen certificates have expired, Windows PC users can still see the enrolled software as legitimate. This can pose a serious security risk to PC users.
READ MORE:
- Lenovo introduces a new range of laptops for more casual gamers
- World Of Warcraft: expansion next month
- Samsung announces Galaxy Book2 Pro 360 with S Pen function and Galaxy Book2 Pro
Code entry certificates can allow developers to enter their executable codes and drivers, allowing Windows and Windows users to verify who created their software. Nvidia’s stolen software enrollment certificates will make the malware look like legitimate Nvidia software, until Microsoft withdraws those certificates or updates the operating system to prevent software that is not enrolled through these certificates.
According to the allegations, the mentioned Nvidia driver entry code was used to spread the Quasar remote access Trojan or other malware and hacking tools.