Project Hyphae
Search

Forged Signatures: Not Just For Troubled Youths Anymore. #Nvidia

Share This Post

As apart of the February 23rd ransomware attack on Nvidia by the Lapsus$ group, two Nvidia code-signing certificates were stolen and being used to sign Malware. The stolen code-signing certificates are expired, however they’re still recognized by Windows. This would allow drivers signed with the stolen codes to be loaded in the operating system. Below are the serial numbers used by the stolen certificates:

  • 43BB437D609866286DD839E1D00309F5
  • 14781bc862e8dc503a559346f5dcc518

Windows Defender Application Control Policies can be used to help mitigate this threat. For more information please see the following link: https://threatpost.com/nvidias-stolen-code-signing-certs-sign-malware/178784/



Reach out to our incident response team for help

More To Explore

Information Security News – 2/9/2026

Asian Government’s Espionage Campaign Breached Critical Infrastructure in 37 Countries Article Link: https://www.cybersecuritydive.com/news/asian-governments-espionage-campaign-breached-critical-infrastructure-in-3/811472/ CISA Tells Agencies to Stop Using Unsupported Edge Devices Article Link: https://cyberscoop.com/cisa-bod-directive-unsupported-edge-devices-firewalls-routers/

Jo Moldenhauer February 9, 2026

Information Security News – 2/2/2026

FBI Seizes RAMP Cybercrime Forum Used by Ransomware Gangs Article Link: https://www.bleepingcomputer.com/news/security/fbi-seizes-ramp-cybercrime-forum-used-by-ransomware-gangs/ U.S. Charges 31 Suspects in Nationwide ATM Jackpotting Scam Article Link: https://hackread.com/us-charges-atm-jackpotting-scam-suspects/ Nike

Jo Moldenhauer February 2, 2026

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.