Malware authors are using stolen Nvidia certificates to to make their software seem trustworthy

Nvidia's cyber-attack is getting more damaging by the day

Malware authors are using stolen Nvidia certificates to to make their software seem trustworthy

Old Nvidia software signing certificates are now being used to sign malware

Last month, Nvidia were attacked by LAPSUS$, a hacking group that stole more than 1TB of data from the company. These attackers gave Nvidia a set of demands, stating that they would not release the company's data if they complied. Nvidia has not met these demands, resulting in a lot of Nvidia's stolen data being leaked online. This data includes Nvidia's DLSS source code and a set of expired software signing certificates. 

Bleeping Computer has reported that malware authors are using Nvidia's software signing certificates to make their malicious software appear trustworthy. While Nvidia's stolen software signing certificates are expired, Windows PCs can still see signed software as legitimate. This presents a major security risk to PC users. 

Code signing certificates allow developers to sign their executables and drivers to allow Windows and Windows users to verify who created their software. This helps to ensure that software has not been tampered with by 3rd parties. Nvidia's stolen software signing certificates will allow malware to appear as if it is legitimate Nvidia software, at least until Microsoft revokes these certificates and updates their OS' to not load software that is signed by these certificates. 

Nvidia's driver signing code has reportedly been used to sign a Quasar remote access trojan, and other malware and hacking tools. Let's hope that Nvidia and Microsoft act quickly to limit the impact of this dangerous breach.

You can join the discussion on Nvidia's driver signing code being used by malware authors on the OC3D Forums

Malware authors are using stolen Nvidia certificates to to make their software seem trustworthy

«Prev 1 Next»

Most Recent Comments

x

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.