The South American hacker group Lapsu$ has started leaking several hundreds of thousands of sensitive data files recently hacked from NVIDIA’s private servers. The group just released as many as 400,000 source files taking up nearly 20GB of storage via a torrent. As reported a short while back, the data includes the source code of DLSS 2.2, the LHR bypass code for the GeForce RTX 30 series graphics cards, and several other unreleased IPs.
According to Lapsu$, the latest batch of files leaked contains the source code for the LHR hash rate limiter which reduces the Ethereum mining performance on the RTX 30 series graphics cards. The code can supposedly be used to remove the limiter with a driver+firmware tweak.
-> Why don’t we share the LHR BYPASS directly?
It is a custom version of the driver and firmware.
We don’t think it’s a good idea to share (even if it works) a firmware and driver that can brick any Nvidia graphics card.
Any developer with a good brain can compile what we gave him.
-> Then why do we sell the LHR Bypass?
It is more advanced than what you will be able to see with the sources, if someone buys the LHR from us we will provide ways to load the LHR without flashing anything. (NO FLASHING = BIG MONEY FOR ANY MINDER DEVELOPER)
We will also provide documentation and buildable source code.
-> We mean no harm, but we’re willing to sell software that could, in fact, screw up the LHR, but don’t expect to get it for $10
Oh, and for those wondering, we’ve got everything on “falcon sec” and LHR. We share some of the “juicy ass” in the form of source code to make you happy. You could, in theory, screw LHR with what we gave you.
The hacker group is willing to sell the software implementation of the LHR bypass code to the highest bidder. According to the culprits, the unlocker exists in the form of a custom driver and firmware. They plan on making a relatively simpler version of the hack that removes the hash rate limiter via a registry tweak or something similar, without flashing the GPU. How much of this is true is hard to say, and considering the nature of the group, it’s highly unlikely that that data will ever fall in the public domain.