laitimes

NVIDIA digital signatures stolen: malware takes advantage, antivirus software is helpless

Last week, LAPSUS$, a South American hacking group that broke into NVIDIA's servers, issued an ultimatum demanding that NVIDIA fully open-source its graphics driver and remove the mining restrictions on the RTX 30 series, otherwise all the stolen data would be released.

To this day, however, the hackers have not acted, and it is not known whether terms were negotiated with NVIDIA or whether there is some other reason.

Even so, the hackers have already leaked a lot of confidential NVIDIA information, including future GPU development plans, DLSS source code, information on 71355 employees, and two seemingly insignificant digital signature certificates.

These two digital signatures actually expired as early as September 1, 2014 and July 26, 2018, respectively, but Windows still accepts them as valid, and as a result they were quickly picked up by malware and viruses.


Security researchers found that two malicious programs, mimikatz.exe and hamakaze.exe, have been signed with the leaked NVIDIA digital signatures. Disguised as drivers, they pass the Windows signature check and leave antivirus software powerless.

The only way to prevent them at the moment is to manually add filtering rules to your antivirus software.

Presumably NVIDIA has contacted Microsoft to have the two digital signatures invalidated, but that may take a little time. If you come across an unknown file carrying either of these two signatures in the near future, be careful.
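One way to find files carrying these signatures for manual review, as an added example that is not from the original article: the PowerShell script below lists signed files whose signer certificate names NVIDIA and expired on one of the two dates given above. The article gives no serial numbers or thumbprints, so matching on subject and expiry date is an assumption, as is the default scan folder. A hit is not proof of malware, since genuine older NVIDIA files can carry the same certificates.

```powershell
# Added example: list files signed with an NVIDIA certificate that expired on
# one of the two dates named in the article. Review the hits by hand.
param(
    # Assumption: folder to scan; pass any directory you want to review.
    [string]$Path = "$env:SystemRoot\System32\drivers"
)

# Expiry dates taken from the article (September 1, 2014 and July 26, 2018).
$leakedExpiry = @(
    [datetime]::new(2014, 9, 1),
    [datetime]::new(2018, 7, 26)
)

Get-ChildItem -Path $Path -Recurse -File -Include *.sys, *.exe, *.dll -ErrorAction SilentlyContinue |
    ForEach-Object {
        $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
        $cert = $sig.SignerCertificate
        if ($null -eq $cert) { return }                   # unsigned file
        if ($cert.Subject -notmatch 'NVIDIA') { return }  # different signer

        # NotAfter is reported in local time, so allow one day of slack.
        $notAfter = $cert.NotAfter.ToUniversalTime().Date
        $match = $leakedExpiry |
            Where-Object { [math]::Abs(($notAfter - $_).TotalDays) -le 1 }
        if (-not $match) { return }

        [pscustomobject]@{
            File       = $_.FullName
            Status     = $sig.Status          # what Windows reports for the signature
            Subject    = $cert.Subject
            NotAfter   = $cert.NotAfter
            Thumbprint = $cert.Thumbprint     # record this for antivirus filter rules
            # A file written after the certificate expired deserves a closer look.
            # Timestamps can be altered, so treat this as a hint only.
            ModifiedAfterExpiry = $_.LastWriteTimeUtc -gt $cert.NotAfter.ToUniversalTime()
            Timestamped         = [bool]$sig.TimeStamperCertificate
        }
    }
```

The thumbprints it reports from confirmed bad files can be used when adding the manual filtering rules mentioned above.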

