Intel hacked, first wave of stolen chip data released in 20GB dump

Posted:
in General Discussion edited August 2020
A hacker has released 20GB of confidential chip engineering data stolen from Intel, with the data made available potentially leading to new zero-day threats for users across multiple platforms.

Intel hacked, first wave of data dumped in 20GB package
Intel hacked, first wave of data dumped in 20GB package


The hacker linked to a post on secret messaging platform, Telegram, detailing the contents of the leak and a Mega file attached at the bottom. While the contents are harmless on their own, they contain BIOS information and source code of proprietary Intel technology that could be used in building malware.

Billing it as "Intel exconfidential Lake," the hacker claims the data has not been published anywhere and much of the information is under strict NDA. The data was allegedly acquired by an anonymous source who breached Intel earlier in 2020.

Intel exconfidential Lake Platform Release ;)

This is the first 20gb release in a series of large Intel leaks.

Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret. pic.twitter.com/KE708HCIqu

-- Tillie 1312 Kottmann #BLM (@deletescape)


The following list was provided as a partial overview of the 20GB file:
  • Intel ME Bringup guides + (flash) tooling + samples for various platforms
  • Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
  • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
  • Silicon / FSP source code packages for various platforms
  • Various Intel Development and Debugging Tools
  • Simics Simulation for Rocket Lake S and potentially other platforms
  • Various roadmaps and other documents
  • Binaries for Camera drivers Intel made for SpaceX
  • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
  • (very horrible) Kabylake FDK training videos
  • Intel Trace Hub + decoder files for various Intel ME versions
  • Elkhart Lake Silicon Reference and Platform Sample Code
  • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
  • Debug BIOS/TXE builds for various Platforms
  • Bootguard SDK (encrypted zip)
  • Intel Snowridge / Snowfish Process Simulator ADK
  • Various schematics
  • Intel Marketing Material Templates (InDesign)
BIOS code for Kabylake and other processors could mean trouble for those users if hackers find ways to manipulate the code and get it installed on target computers. Perhaps the most damaging is the tools and firmware for the Tiger Lake platform, which could lead to malware before the product ever comes to market.

While likely useless, the fact that the camera drivers made for SpaceX are within the breach shows the breadth of data being sourced.

Password protected documents seem to be lacking any security too, as they have the password "intel123" or "Intel123," which are too easily guessed for what are considered "highly confidential documents."

What this means for Mac users

These leaked documents are harmless on their own. The files are out there though, and bad actors will definitely be scraping through to find any useful vulnerability to attack.

As it is with any malware, it must be installed to the computer in order to attack. If any such malware is created by this, users will have to willingly bypass the security protocols built into macOS. Some attacks can be hidden within files or physical drives, so always be aware of where your hardware or software is coming from.

For now, there is no evidence of any exploits actively in the wild as a result of the database.

Apple Silicon will replace Intel processors over the next two years
Apple Silicon will replace Intel processors over the next two years


Apple has announced its intent to move the entire Mac line to Apple Silicon within the next two years. This move was prompted by Intel's inability to keep up with market demand for smaller processes, but also apparently stemming from security issues as well.

Apple builds their devices from the ground up for security and privacy across the board. Apple has never suffered a large scale data breach or malware attack related to their custom processors. Expect the first Mac with Apple Silicon to ship by the end of 2020.
«1

Comments

  • Reply 1 of 40
    jdb8167jdb8167 Posts: 621member
    I'm starting to feel bad for Intel. They are not having a good year.
    napoleon_phoneapartBeatsanantksundaramelijahgGG1jony0dewmewatto_cobra
  • Reply 2 of 40
    SpamSandwichSpamSandwich Posts: 33,408member
    This needs to be an automatic death penalty offense.

    And if China is behind this, it’s as good as a declaration of war.
    edited August 2020 jimh2napoleon_phoneapartBeatsgeorgie01anantksundaramlkruppboltsfan17cat52
  • Reply 3 of 40
    DAalsethDAalseth Posts: 1,809member
    This needs to be an automatic death penalty offense.

    And if China is behind this, it’s as good as a declaration of war.
    OK let’s not fly off the handle here.
    No, even if China is behind it, which nis very unlikely, it is not “as good as a declaration of war”. It would be bad, but let’s not let the hysteria lead to something that gets people killed. 

    wonkothesanemwhiteXedleavingthebiggOferjony0earlygeekGrayeaglemuthuk_vanalingamCloudTalkin
  • Reply 4 of 40
    sflocalsflocal Posts: 5,816member
    This needs to be an automatic death penalty offense.

    And if China is behind this, it’s as good as a declaration of war.
    This doesn't seem to be China's paws on it.  Usually these kind of breaches are done by folks in the U.S., or in Europe's eastern bloc.  

    I agree with you though that people that do this stuff should face a super severe penalty... decades in jail at the minimum.  It's the only way to really send a message to other miscreants that if you play this game, expect harsh consequences.  
    georgie01muthuk_vanalingamwatto_cobra
  • Reply 5 of 40
    AstraxAstrax Posts: 1member
    This needs to be an automatic death penalty offense.

    You're right, we should put the NSA in jail for putting backdoors in our CPUs. Instead of making the average computer more secure, these script kiddos want access into every computer (might I remind you that China is making their own silicon so these are meaningless).

    When are these companies going to realize that security through obscurity never works...
    edited August 2020 elijahgXedMacQcmuthuk_vanalingamFileMakerFellerStrangeDayswatto_cobra
  • Reply 6 of 40
    Ouch. I once worked in DCG at JF5. Thankfully I left a few years ago because all those documents were daily tools for my group. In fact, I'm thinking of a particular disgruntled, self-absorbed employee who may have leaked the information.

    The leaker may be easily caught because the intersection of the groups that worked on each of those projects will point back to a small number of people... 3 at best, and 1 "development partner."
    Beatscat52kuduwatto_cobra
  • Reply 7 of 40
    Rayz2016Rayz2016 Posts: 6,957member
    This needs to be an automatic death penalty offense.

    And if China is behind this, it’s as good as a declaration of war.
    War, you say. 

    Were you thinking conventional or go nuclear straight away?
    XedleavingthebiggOferearlygeekmuthuk_vanalingamCloudTalkinbestkeptsecretmacpluspluskududysamoria
  • Reply 8 of 40
    BeatsBeats Posts: 2,639member
    Astrax said:
    This needs to be an automatic death penalty offense.

    You're right, we should put the NSA in jail for putting backdoors in our CPUs. Instead of making the average computer more secure, these script kiddos want access into every computer (might I remind you that China is making their own silicon so these are meaningless).

    When are these companies going to realize that security through obscurity never works...

    You mean in ANDROID devices. The NSA has not gotten their dirty hands into Apple products.
    mwhitecat52watto_cobra
  • Reply 9 of 40
    mdriftmeyer said:

    The NSA/CIA have been hacking China, RUSSIA, even our own allies for decades. 
    Really? Even corporate IP and trade secrets? (I realize that there is -- or at least, could be -- a lot of national security-related spying and hacking, but that's par for the course, since every country does it to both friends and foes).

    I'd love to see the evidence.
    earlygeekSpamSandwichspock1234watto_cobra
  • Reply 10 of 40
    elijahgelijahg Posts: 2,496member
    Beats said:
    Astrax said:
    This needs to be an automatic death penalty offense.

    You're right, we should put the NSA in jail for putting backdoors in our CPUs. Instead of making the average computer more secure, these script kiddos want access into every computer (might I remind you that China is making their own silicon so these are meaningless).

    When are these companies going to realize that security through obscurity never works...

    You mean in ANDROID devices. The NSA has not gotten their dirty hands into Apple products.
    That’s not what leaks have suggested. And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?
    AstraxgatorguyGrayeaglemuthuk_vanalingam
  • Reply 11 of 40
    BeatsBeats Posts: 2,639member
    elijahg said:
    Beats said:
    Astrax said:
    This needs to be an automatic death penalty offense.

    You're right, we should put the NSA in jail for putting backdoors in our CPUs. Instead of making the average computer more secure, these script kiddos want access into every computer (might I remind you that China is making their own silicon so these are meaningless).

    When are these companies going to realize that security through obscurity never works...

    You mean in ANDROID devices. The NSA has not gotten their dirty hands into Apple products.
    That’s not what leaks have suggested. And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?

    Can I see some proof that the NSA has installed hardware or software into Apple products?

    It's an open "secret" that the NSA is working with android. The NSA and Google acknowlege it openly. But no one gives a sh** unless it involves Apple.

    https://www.computerworld.com/article/2501454/nsa-releases-security-enhanced-version-of-android.html

    https://www.androidauthority.com/nsa-android-code-239118/

    https://www.sfgate.com/tech/article/NSA-refining-Google-s-code-for-Android-system-4663940.php

    "And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?"

    Links above.

    The "Apple probably does too!" argument is invalid to me.
    patchythepiratecat52StrangeDaysspock1234watto_cobra
  • Reply 12 of 40
    I found Intel’s public statement on this:

    Ugh, darn, this totally sucks! Also, we totally had nothing to do with this leak, I mean, even though it would be a great cover for the fact that the company is quickly becoming obsolete, and even better cover for the fact that we’ve been supplying backdoors for a price for years, I mean *if* we’d been supplying them. Anyway, it definitely wasn’t us. Oh, and can we have a bailout?

    edited August 2020 cat52spock1234austriacuswatto_cobra
  • Reply 13 of 40
    Rayz2016Rayz2016 Posts: 6,957member
    SpamSandwich said:

    First of all, fuck off with your personal insults. 

    Well, that certainly escalated. 
    elijahgGG1MacQcmuthuk_vanalingamCloudTalkinFileMakerFellerdysamoriaStrangeDaysaustriacuswatto_cobra
  • Reply 14 of 40
    DAalsethDAalseth Posts: 1,809member
    This needs to be an automatic death penalty offense.

    And if China is behind this, it’s as good as a declaration of war.

    Grow a sack would you? The NSA/CIA have been hacking China, RUSSIA, even our own allies for decades. The entire globe hacks each other. Most of this work is done in Israel. The world is tired of bull shit wars. I have zero empathy for Intel. They've illegally bribed for decades to keep AMD and other competitors from gaining market share. They're scum and they know it. DELL and other third party OEMs, [Microsoft does this as well] were colluding together to gain advantages over their main competitors. I don't give a rat's ass about this hack.

    Intel lied for decades about their design flaws.
    I stand by the comment that hacking of this nature should result in the death, by any means available, of the hacker.

    “Deserves it! I daresay he does. Many that live deserve death. And some that die deserve life. Can you give it to them? Then do not be too eager to deal out death in judgement. For even the very wise cannot see all ends.”


    ― J.R.R. Tolkien, The Fellowship of the Ring

    XedOfermuthuk_vanalingambestkeptsecretFileMakerFellerbikerdudecaladanianStrangeDaysaustriacusbageljoey
  • Reply 15 of 40
    elijahgelijahg Posts: 2,496member
    Beats said:
    elijahg said:
    Beats said:
    Astrax said:
    This needs to be an automatic death penalty offense.

    You're right, we should put the NSA in jail for putting backdoors in our CPUs. Instead of making the average computer more secure, these script kiddos want access into every computer (might I remind you that China is making their own silicon so these are meaningless).

    When are these companies going to realize that security through obscurity never works...

    You mean in ANDROID devices. The NSA has not gotten their dirty hands into Apple products.
    That’s not what leaks have suggested. And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?

    Can I see some proof that the NSA has installed hardware or software into Apple products?

    It's an open "secret" that the NSA is working with android. The NSA and Google acknowlege it openly. But no one gives a sh** unless it involves Apple.

    https://www.computerworld.com/article/2501454/nsa-releases-security-enhanced-version-of-android.html

    https://www.androidauthority.com/nsa-android-code-239118/

    https://www.sfgate.com/tech/article/NSA-refining-Google-s-code-for-Android-system-4663940.php

    "And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?"

    Links above.

    The "Apple probably does too!" argument is invalid to me.
    What part of "companies aren’t allowed to disclose NSA infiltration how are you to be sure" and "that's not what the leaks have suggested" wasn't clear? Those links prove nothing other than the NSA releases some "security enhanced" version of Android. Those releases are by the NSA themselves, not a third party secretly forced to use NSA code. The NSA doesn't publicly post that they've forced companies to put in backdoors, compromised crypto engines etc.
    edited August 2020 seanj
  • Reply 16 of 40
    elijahgelijahg Posts: 2,496member
    Beats said:
    elijahg said:
    Beats said:
    Astrax said:
    This needs to be an automatic death penalty offense.

    You're right, we should put the NSA in jail for putting backdoors in our CPUs. Instead of making the average computer more secure, these script kiddos want access into every computer (might I remind you that China is making their own silicon so these are meaningless).

    When are these companies going to realize that security through obscurity never works...

    You mean in ANDROID devices. The NSA has not gotten their dirty hands into Apple products.
    That’s not what leaks have suggested. And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?

    Can I see some proof that the NSA has installed hardware or software into Apple products?

    It's an open "secret" that the NSA is working with android. The NSA and Google acknowlege it openly. But no one gives a sh** unless it involves Apple.

    https://www.computerworld.com/article/2501454/nsa-releases-security-enhanced-version-of-android.html

    https://www.androidauthority.com/nsa-android-code-239118/

    https://www.sfgate.com/tech/article/NSA-refining-Google-s-code-for-Android-system-4663940.php

    "And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?"

    Links above.

    The "Apple probably does too!" argument is invalid to me.
    Also since RSA was forced to break their encryption by the NSA, and RSA was used in macOS, iOS and pretty much everything else, you could argue that is proof enough. Even indirect interference can be enough to punch a hole though defences.
    Grayeaglemuthuk_vanalingam
  • Reply 17 of 40
    tzeshantzeshan Posts: 2,351member
    This needs to be an automatic death penalty offense.

    And if China is behind this, it’s as good as a declaration of war.
    This is the most distasteful post of the day. 
    mark fearingearlygeekmuthuk_vanalingamCloudTalkinkududysamoriaelijahgStrangeDayswonkothesaneaustriacus
  • Reply 18 of 40
    BeatsBeats Posts: 2,639member
    elijahg said:
    Beats said:
    elijahg said:
    Beats said:
    Astrax said:
    This needs to be an automatic death penalty offense.

    You're right, we should put the NSA in jail for putting backdoors in our CPUs. Instead of making the average computer more secure, these script kiddos want access into every computer (might I remind you that China is making their own silicon so these are meaningless).

    When are these companies going to realize that security through obscurity never works...

    You mean in ANDROID devices. The NSA has not gotten their dirty hands into Apple products.
    That’s not what leaks have suggested. And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?

    Can I see some proof that the NSA has installed hardware or software into Apple products?

    It's an open "secret" that the NSA is working with android. The NSA and Google acknowlege it openly. But no one gives a sh** unless it involves Apple.

    https://www.computerworld.com/article/2501454/nsa-releases-security-enhanced-version-of-android.html

    https://www.androidauthority.com/nsa-android-code-239118/

    https://www.sfgate.com/tech/article/NSA-refining-Google-s-code-for-Android-system-4663940.php

    "And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?"

    Links above.

    The "Apple probably does too!" argument is invalid to me.
    What part of "companies aren’t allowed to disclose NSA infiltration how are you to be sure" and "that's not what the leaks have suggested" wasn't clear? Those links prove nothing other than the NSA releases some "security enhanced" version of Android. Those releases are by the NSA themselves, not a third party secretly forced to use NSA code. The NSA doesn't publicly post that they've forced companies to put in backdoors, compromised crypto engines etc.

    I asked for proof, not an excuse to give Android a pass.

    "Security enhancement" by the NSA. Hahaha.
    cat52bestkeptsecretStrangeDaysspock1234
  • Reply 19 of 40
    BeatsBeats Posts: 2,639member
    elijahg said:
    Beats said:
    elijahg said:
    Beats said:
    Astrax said:
    This needs to be an automatic death penalty offense.

    You're right, we should put the NSA in jail for putting backdoors in our CPUs. Instead of making the average computer more secure, these script kiddos want access into every computer (might I remind you that China is making their own silicon so these are meaningless).

    When are these companies going to realize that security through obscurity never works...

    You mean in ANDROID devices. The NSA has not gotten their dirty hands into Apple products.
    That’s not what leaks have suggested. And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?

    Can I see some proof that the NSA has installed hardware or software into Apple products?

    It's an open "secret" that the NSA is working with android. The NSA and Google acknowlege it openly. But no one gives a sh** unless it involves Apple.

    https://www.computerworld.com/article/2501454/nsa-releases-security-enhanced-version-of-android.html

    https://www.androidauthority.com/nsa-android-code-239118/

    https://www.sfgate.com/tech/article/NSA-refining-Google-s-code-for-Android-system-4663940.php

    "And since companies aren’t allowed to disclose NSA infiltration how are you to be sure?"

    Links above.

    The "Apple probably does too!" argument is invalid to me.
    Also since RSA was forced to break their encryption by the NSA, and RSA was used in macOS, iOS and pretty much everything else, you could argue that is proof enough. Even indirect interference can be enough to punch a hole though defences.

    All I ask for is proof. I have yet to see the NSA's hands in Apple devices. Android opened it's legs for the NSA, while the government in general hates Apple for being closed.
    cat52bestkeptsecretStrangeDaysspock1234
  • Reply 20 of 40
    If China is behind it? Why would they be behind it? You may as well blame aliens from Mars considering the logic in your statement.

    DAalseth said:
    This needs to be an automatic death penalty offense.

    And if China is behind this, it’s as good as a declaration of war.
    OK let’s not fly off the handle here.
    No, even if China is behind it, which nis very unlikely, it is not “as good as a declaration of war”. It would be bad, but let’s not let the hysteria lead to something that gets people killed. 


    muthuk_vanalingam
Sign In or Register to comment.