Despite himself, the giant of the Graphic card
could be behind the “certification” of malware (malware
).
A fortnight ago, NVIDIA was the victim of a large-scale cyberattack which has since been claimed by the LAPSUS$ group. Among the many data stolen from the promoter of the GeForces, there is a question of important security codes.
NVIDIA “certified” malware
Indeed, alongside the DLSS source code, for example, there is also the question of the code used by NVIDIA developers to certify the new GeForce drivers, for example.
Such certificates are essential insofar as they make it possible to validate software, an executable. When the certificate is valid, Windows is then able to load the program with confidence.
According to Kevin Beaumont and Will Dormann, two security researchers quoted by BleepingComputerthe attack suffered by NVIDIA could lead to the creation of malware considered “trusted” by the operating system because it has the certificate used by NVIDIA.
In reality, the conditional is no longer appropriate if we are to believe the two researchers who point out that such malware has already been spotted, taking the example of the Trojan Quasar RAT.
It is to be hoped that the certificates in question would quickly be added to Microsoft’s blacklist, but this would obviously pose a problem with the legitimate drivers from NVIDIA.
Source: BleepingComputer
0