A group called Shadow Brokers released a new trove of NSA malware that likely targeted the company. The leak casts doubt on how safe NVIDIA’s technology was, especially after users were found to have been infected by spyware using an expired certificate from DigiCert.
Malware has been released that is signed with NVIDIA’s stolen code signing certificates. This malware is capable of stealing data from your device, including your passwords and credit card information.
The effects of NVIDIA’s cyberattack are still being felt. Bad actors are already exploiting stolen data to construct malware, which has already been published online, in addition to email addresses, password hashes, and DLSS source code. Bypassing Windows security protections is made possible via NVIDIA code-signing certificates. Multiple trojans employing the stolen certificates have been discovered in the wild by researchers.
Two code signing certificates have been compromised as a result of the #NvidiaLeaks. Windows still permits their usage for driver signing even when they have expired. For further insight on compromised certificates, see the lecture I delivered at BH/DC: https://t.co/UWu3AzHc66 pic.twitter.com/gCrol0BxHd
March 3, 2022 — Bill Demirkapi (@BillDemirkapi)
Digitally signed certificates are meant to stop threat actors from installing malware on a PC, so applications signed with a valid certificate may be difficult to block. Malware might pass for updates or drivers, making it difficult to detect. However, there is still some hope: David Weston, Microsoft’s director of enterprise and OS security, has offered a way for administrators to enhance security safeguards. Windows Defender Application Control (WDAC) policies let them manage which drivers are loaded.
All of the following qualities may be blocked or allowed: pic.twitter.com/3BV3QoMuMX
March 3, 2022: David Weston (DWIZZZLE) (@dwizzzleMSFT)
The typical user finds it difficult to establish unique policies and rule sets, and a poorly built policy could make things worse. It is anticipated that Microsoft and NVIDIA will work together to find a simpler solution.
By checking certificate serial numbers, software experts can spot possible infection. Security researchers Will Dormann and Kevin Beaumont found the following serial numbers in the stolen certificates:
- 4781bc862e8dc503a559346f5dc518
- 43BB437D609866286DD839E1D00309F5
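The serial-number check described above can be run across a driver directory with a short PowerShell script. This is an added example, not code from the article or from the researchers it cites; the default scan path and the helper name `ConvertTo-NormalizedSerial` are assumptions, and the serial numbers are copied exactly as the article prints them.

```powershell
# Added example: list signed files whose signer certificate serial number
# matches one of the serial numbers reported in the article.
param(
    # Assumed default scan root; pass any directory to scan instead.
    [string]$Path = "$env:SystemRoot\System32\drivers"
)

# Copied verbatim from the article text. Confirm them against the
# researchers' original posts before relying on a clean result.
$ReportedSerials = @(
    '4781bc862e8dc503a559346f5dc518',
    '43BB437D609866286DD839E1D00309F5'
)

function ConvertTo-NormalizedSerial {
    param([string]$Serial)
    # Drop separators, upper-case, and strip leading zeros so that
    # differently formatted copies of one serial compare equal.
    (($Serial -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()).TrimStart('0')
}

$Blocklist = $ReportedSerials | ForEach-Object { ConvertTo-NormalizedSerial $_ }

$hits = Get-ChildItem -Path $Path -Recurse -File -Include *.sys, *.dll, *.exe -ErrorAction SilentlyContinue |
    ForEach-Object {
        $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
        $cert = $sig.SignerCertificate
        if ($null -eq $cert) { return }   # unsigned or unreadable file: nothing to compare
        if ($Blocklist -contains (ConvertTo-NormalizedSerial $cert.SerialNumber)) {
            [pscustomobject]@{
                File       = $_.FullName
                Status     = $sig.Status      # Valid, NotTrusted, HashMismatch, ...
                Subject    = $cert.Subject
                Serial     = $cert.SerialNumber
                NotAfter   = $cert.NotAfter   # expiry date of the signer certificate
                Thumbprint = $cert.Thumbprint
            }
        }
    }

if ($hits) {
    $hits | Format-Table -AutoSize -Wrap
} else {
    Write-Output "No files under $Path are signed with a listed serial number."
}
```

A match only shows that a file was signed with one of the listed certificates, which can include older legitimate NVIDIA binaries, so each hit still needs triage by file hash, path and install history.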
A Bleeping Computer report
I was one of the numerous 1970s-era kids who got mesmerized by the 1980s invasion of video arcades. I bought my first computer from a buddy of mine using money I saved from doing different odd jobs. read more from Peter Brosdahl
The “leaked nvidia certs” is a malware release that was done using NVIDIA’s stolen code signing certificates. This malware was released by the Shadow Brokers, who also leaked other valuable information.