Skip to main content

The hacker group that recently broke into systems belonging to graphics chip maker Nvidia has released two of the company’s old code-signing certificates. Researchers warn the drivers could be used to sign kernel-level malware and load it on systems that have driver signature verification.

The certificates were part of a large cache of files that hackers claim totals 1TB and includes source code and API documentation for GPU drivers. Nvidia confirmed it was the target of an intrusion and that the hackers took “employee passwords and some Nvidia proprietary information,” but did not confirm the size of the data breach.

What happened with the Nvidia data breach?

On February 24 an extortion group calling itself LAPSUS$ claimed publicly that it had administrative access to multiple Nvidia systems for around a week and managed to exfiltrate 1TB of data including hardware schematics, driver source code, firmware, documentation, private tools and SDKs, and “everything about Falcon” — a hardware security technology embedded in Nvidia GPUs that’s meant to prevent those GPUs from being misprogrammed.

While Nvidia hasn’t released details about what was stolen beyond confirming a cyberattack resulting in breached data, LAPSUS$ followed up with the release of 20GB of data from the alleged cache as proof. The group also said it has information on Nvidia LHR (Lite Hash Rate), a technology that the company introduced on its RTX 30-series GPUs to allow them to detect when they’re being used for mining Ethereum cryptocurrency and lower their performance. The goal of this technology was to make high-performance Nvidia GPUs less appealing to cryptocurrency miners after these GPUs became almost impossible to obtain for regular gamers due to constant stock shortages.

To prove that they have the information, LAPSUS$ even released a tool the group claims allows users to bypass the LHR limitation without reflashing the GPU firmware. Then the group changed their demands and asked the company to completely open source their GPU drivers on all systems, including Linux where the lack of an open-source Nvidia driver has been a contentious point for many years in the community and is seen as one of the reasons why game development studios have not embraced Linux as a platform.

Why are code-signing certificates important?

Code-signing certificates are certificates that chain back to Microsoft certificates including in Windows. Running applications that are not signed is possible on Windows, but they trigger more visible security alerts than running applications signed by a trusted developer.

More importantly, by default, Windows does not allow the installation of a driver that is not digitally signed with a trusted certificate. This digital signature enforcement for drivers is an important security feature because, unlike regular user mode applications, drivers run with kernel privileges, so they have access to the most privileged areas of the operating system and could disable security products. Before this security feature was introduced, rootkits (root-level malware) were a common occurrence on Windows.

File digital signatures are also being used by application whitelisting solutions to restrict which applications can be executed on systems, and to some extent by antivirus programs, even though the presence of a digital signature alone should not serve as sole indication of whether a file is clean or malicious. Code-signing certificates have been stolen from developers before and hackers can even buy them through different channels.

The problem is that certificate revocations or expirations are not checked or enforced by all Windows security mechanisms, including the one that checks if loaded drivers are signed, as explained in this DEF CON talk on Windows rootkits by Zoom security researcher Bill Demirkapi. A restriction was introduced on Windows 10 build 1607 and higher with Secure Boot enabled where drivers need to be signed with EV (extended validation) certificates. EV certificates require extensive identity verification of the person or entity who requests the certificate and are therefore harder to obtain and more expensive.

The Nvidia code-signing certificates released by LAPSUS$ are expired since 2014 and 2018, respectively, and are not EV, but they can still be used to sign malicious code that will be loaded into the kernel on older Windows systems. They can also be used to attempt to evade detection by some security products.

Researcher Florian Roth has already found two hack tool samples signed with one of the certificates on VirusTotal: A copy of the Mimikatz password dumping tool and a copy of the Kernel Driver Utility (KDU) which can be used for process hijacking. Researcher Mehmet Ergene found even more malicious files signed with the certificate, including a remote access trojan (RAT) for Discord. More malware that abuses the Nvidia certificates for legitimacy is expected to appear.

Roth and Ergene have released a YARA rule and a query for Microsoft Defender for Endpoint (MDE) that can be used by security teams to search for files signed with these certificates in their environments. Microsoft also offers a Windows Defender Application Control policy to block malicious drivers that can be customized to add new ones, and an attack surface reduction (ASR) rule from Microsoft Defender for Endpoint.


All rights reserved Jenson Knight.