{"id":184945,"date":"2022-03-07T11:34:04","date_gmt":"2022-03-07T10:34:04","guid":{"rendered":"http:\/\/sftarticles.wpenginepowered.com\/en\/?p=184945"},"modified":"2025-07-01T20:54:29","modified_gmt":"2025-07-02T03:54:29","slug":"stolen-nvidia-certificates","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/stolen-nvidia-certificates\/","title":{"rendered":"Stolen NVIDIA certificates used to make malware appear trustworthy"},"content":{"rendered":"\n

Digital certificates stolen from NVIDIA<\/strong> during a recent network security breach are currently used in suspicious software payloads or malware to try and trick users\u2019 computers into treating them as trustworthy software. Multiple security researchers have reported that they\u2019ve amassed collections of suspicious software<\/strong> samples that use at least two of NVIDIA\u2019s now stolen digital certificates. <\/p>\n\n\n\n

The certificates appear to be part of a data payload that was recently released by a group of criminal hackers<\/strong> affiliated with the Lapsus$ ransomware crew. The group put forth that it had breached NVIDIA\u2019s network security and stolen an extensive cache of sensitive internal data. Included in this data are the stolen digital certificates. <\/p>\n\n\n\n

While one of the stolen security certificates has been found to date back to 2014, it remains a recognized, valid, and trusted certificate to Windows systems. What this means is that hackers<\/strong> can now develop and release malware payloads and use the stolen certificates to make them appear as if they come directly from NVIDIA<\/strong>. <\/p>\n\n\n\n

NVIDIA is yet to respond to requests for comment concerning the leak of the certificates. However, the GPU giant maintains that the network breach didn\u2019t result in any significant disruption to its day-to-day operations, and it doesn\u2019t foresee this to change. In a statement earlier this week, NVIDIA said the following: \u2018Shortly after discovering the incident, we further hardened our network, engaged cybersecurity incident response experts<\/strong>, and notified law enforcement. <\/p>\n\n\n\n

Researchers have, in the meantime, posted Yara rules<\/strong> that can detect and block malicious downloads and suspected malware. However, many end-users could still inadvertently install malware that they believe to be NVIDIA graphics card firmware, driver, and software updates. <\/p>\n\n\n\n

The breach apparently comes as a way to force NVIDIA to remove the Lite Hash Rate<\/strong> restrictions that make it impossible for its GPUs to perform the necessary equations to mine cryptocurrency. <\/p>\n\n\n\n

While you wait for NVIDIA to rectify the certificate leak, why not check out our comprehensive review of your built-in Windows Defender<\/a> security utility? Windows Defender is anti-malware software pre-installed on every Windows 10 and 11 devices to protect you in the sometimes dangerous online landscape. While you\u2019re browsing, check out this next-gen feature that makes Windows Defender even stronger<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Digital certificates stolen from NVIDIA during a recent network security breach are currently used in suspicious software payloads or malware to try and trick users\u2019 computers into treating them as trustworthy software. Multiple security researchers have reported that they\u2019ve amassed collections of suspicious software samples that use at least two of NVIDIA\u2019s now stolen digital … Continue reading “Stolen NVIDIA certificates used to make malware appear trustworthy”<\/span><\/a><\/p>\n","protected":false},"author":9222,"featured_media":184948,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-184945","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/184945","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9222"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=184945"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/184945\/revisions"}],"predecessor-version":[{"id":324300,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/184945\/revisions\/324300"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/184948"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=184945"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=184945"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=184945"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=184945"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=184945"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=184945"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}