Nvidia counter-hacks ransomware gang, but the group had already backed up stolen data
Days after Nvidia was hacked by ransomware group Lapsus$, the chipmaker launched a retaliatory attack on the cybercriminals to retrieve its stolen data.
The ransomware gang took to its Telegram channel to voice its discontent at being counterattacked. Screenshots from the attack did the rounds on social media site Twitter.
“EVERYONE!!! NVIDIA ARE CRIMINALS!!!!!!!!! SOME DAYS AGO A ATTACK AGAINST NVIDIA AND STOLE 1TB OF CONFIDENTIAL DATA!!!!!! (sic),” “TODAY WOKE UP AND FOUND NVIDIA SCUM HAD ATTACKED **THE** MACHINE WITH RANSOMWARE…….” The telegram message read.
Threat analyst from Emsisoft, Brett Callow, along with multiple other security researchers posted screenshots on Twitter from Lapsus$ official channel.
The exact time of when the post went up on Telegram remains unknown as the channel remained inaccessible.
However, the Ransomware group one-upped Nvidia by having a backup of the stolen data.
LUCKILY IT HAD A BACKUP BUT WHY THE F*** THEY THINK THEY CAN CONNECT TO THE PRIVATE MACHINE AND INSTALL RANSOMWARE!!!!!!!!!!!” Lapsus$ posted on its Telegram channel.
Prior to being counterattacked, the group had allegedly leaked credentials of Nvidia’s employees, and would soon leak about 1 terabyte of data, unless Nvidia decides to pay ransom, according to darkweb criminal intelligence’s Twitter handle DarkTracer.
Telegraph had first reported on 25 February that Nvidia had come under attack. The report said that Nvidia had its internal systems fully compromised, and even had to take parts of its business offline for two days, as its email systems and developer tools were suffering from outages for the said period.
“Our business and commercial activities continue uninterrupted. We are still working to evaluate the nature and scope of the event and don‘t have any additional information to share at this time,” Nvidia claimed in a response to CRN.