Nvidia suffered a ransomware attack claimed by the Lapsus$ group

Nvidia Ransomware Attack Lapsus$ Hacking Group Network Intrusion Supply Chain

The Lapsus$ ransomware group claimed to have completed an attack against the American multinational technology company Nvidia, leaking many Nvidia employees’ credentials and password hashes. The threat group also warned about disclosing 1TB worth of stolen information soon.

Despite governments and organisations worldwide anticipating cyberattacks following the conflict between Russia and Ukraine, the threat group took a moment to conduct a cyberattack utterly unrelated to the war.

Other large publishing firms also stated that this recent attack could only be a minor incident and not linked in any way to the ongoing Russian invasion of Ukraine.

Nvidia reported the investigation of an attack against their computer systems, revealing that they have been suffering from operational blackouts for the past couple of days.


Researchers assumed that the blackouts were caused by a malicious network intrusion from the Lapsus$ ransomware group, which compromised Nvidia’s internal system.


On an interesting turn of events, Nvidia has reportedly retaliated and conducted a counter cyberattack against the threat group and encrypted its internal files by connecting to a virtual machine.

The ransomware group then released a statement saying that they have survived Nvidia’s attempt since they have emergency backup files to counteract any attempt of compromising their infrastructure.

A computer expert explained that Nvidia’s production of advanced computing accelerators for a wide array of tech sectors makes them a target for massive cyberattacks. All sorts of codes that firms like Nvidia create can be found inside Git repositories, where threat actors have been eyeing to search for any vulnerabilities they can exploit.

Once the hackers have infiltrated these repositories and exploited flaws from the codes, a devastating software supply chain attack could transpire, affecting all Nvidia product users worldwide.

A spokesperson from the tech firm claims that its business operations and activities are uninterrupted despite the attack. Though their internal teams continue to investigate the scope of the incident to gather more information they can study and share in the future.

About the author

Leave a Reply