News Malware authors are using stolen Nvidia certificates to make their software seem trustworthy

Article on Overclock3D. This seems pretty serious.


If this is not allowed please let me know, Thanks and

Beware!
 

GodisanAtheist

> Article on Overclock3D. This seems pretty serious.
>
> If this is not allowed please let me know, Thanks and
>
> Beware!

-Ya generally speaking stealing other people's stuff to make your own stuff is not allowed. Glad to clear that up and be of service.
 

Fallen Kell

Well, it comes down to supply chain at this point. You need to now trust the source of where you obtained the drivers (especially older ones that may not get signed under the new certs). This isn't really too big a problem as long as Nvidia maintains their download servers properly. That said, it is a big deal to people who are trying to obtain hacked drivers/firmware in order to unlock additional features or remove artificial degradation such as the controls for limiting crypto mining on recent cards. Anyone who is doing these kinds of activities needs to be highly aware of the issues of more malware/viruses being hidden inside these drivers.
 

sdifox

> Well, it comes down to supply chain at this point. You need to now trust the source of where you obtained the drivers (especially older ones that may not get signed under the new certs). This isn't really too big a problem as long as Nvidia maintains their download servers properly. That said, it is a big deal to people who are trying to obtain hacked drivers/firmware in order to unlock additional features or remove artificial degradation such as the controls for limiting crypto mining on recent cards. Anyone who is doing these kinds of activities needs to be highly aware of the issues of more malware/viruses being hidden inside these drivers.


Umm, wouldn't it be more suspicious if a hacked driver is signed?
 

Fallen Kell

Sure it would be suspicious if the hacked driver is signed. But like I was saying above, the issue isn't really as bad as people are making it out to be. If the people who hacked Nvidia release the private signing keys, it won't be long for Nvidia to revoke those keys. I have to believe that Nvidia has already revoked all user/login credentials that were in use across its entire platform, securing their data, webservers, and fileservers already. This prevents the hackers from being able to sign a hacked driver and upload it to Nvidia's site for download.

This only leaves man-in-the-middle and DNS-poisoning attacks for the hackers to point someone to their hacked drivers. But these types of attacks are becoming harder and harder to do with the adoption of DNSSEC and the widespread use of HTTPS. Which again, means the only hacked drivers that are signed would be on third-party sites, which should be inherently not-trusted by anyone at this point, except for those people who are looking to find a hacked driver to unlock some kind of performance in their card that the official drivers do not support. And in that case, they are the people at risk and should already know that the driver they are grabbing has been modified and is a complete use-at-your-own-risk kind of thing.