Sorry, Tool to Unlock Nvidia's Ethereum Mining Limiter Delivers Malware

Yep, it was too good to be true. A software tool claiming it can remove the Ethereum mining limiter on Nvidia’s RTX 3000 graphics cards is actually capable of delivering malware.

The tool’s creator, a mysterious developer known as “Sergey,” released a beta of the “LHR Unlocker” program this morning on his GitHub page, a few days ahead of a promised Saturday launch. However, a component inside the installer can fetch an Nvidia GeForce driver file that 18 different antivirus scans will detect as malware.

The malicious nature of LHR Unlocker was noticed by a Russian IT person named Mikhail Stepanov, who posted an antivirus scan of the driver file on Sergey’s own GitHub page.

A virus scan of the malicious driver file.

Stepanov, who mines cryptocurrency at his home, said he unpacked the installer and launched it on a virtual machine, but found no evidence it’ll unlock the Ethereum mining limiter on Nvidia’s RTX 3000 GPUs. Instead, the installer can fetch a malicious driver file from a server under the domain “drivers.sergeydev[.]com.”

“This is a common Trojan,” Stepanov told PCMag in a chat on Telegram. “Most likely they wanted to build a botnet.”

The URL to the malicious driver file is inside one of the installer's components.

PCMag also unpacked the LHR Unlocker installer, and found that a component inside called “AI_FileDownload” does indeed lead to the domain “drivers.sergeydev[.]com” to fetch the malicious Nvidia driver file. Antivirus scans from Kaspersky, McAfee, Avast, Symantec, and Microsoft all detect it as a malicious file or as a Trojan. There is a chance the antivirus scans flagged the Nvidia driver file incorrectly. But in its current state, the beta LHR Unlocker program doesn't work.

So far, Sergey hasn’t commented on the malware allegations. His background is unclear, but a domain lookup shows sergeydev[.]com is registered to a person in Poland named Sergey Bronovsky.

The tool was released as many cryptocurrency mining experts warned that Sergey’s program was likely fake and possibly a scam. The program is still available for download on his GitHub page. However, 4 minutes after releasing the beta on Wednesday morning, Sergey said on his Telegram channel that the server hosting the BIOS and driver files was down.

So if you try to run the LHR Unlocker tool on a Windows PC, the program will show an error, saying that it can't install. Still, it’s best to steer clear of downloading the tool at all. The incident is also a good reminder to be on guard against cryptocurrency-related scams.