After the recent Garmin and Canon scandals, it seems that the new company to be attacked by hackers has been Intel. And is that currently the US chip manufacturer is investigating a security breach in which they would have leaked up to 20 GB of internal documents, with many files marked as “confidential” and “restricted secrets”, and among which would be information regarding their next release lines.
This leak has arrived today through the Swiss software engineer Till Kottmann, in a publication via Twitter and a download link hosted by MEGA. However, according to Kottmann himself, the extraction of these documents would go back to a hack carried out during the past month of May.
Intel exconfidential Lake Platform Release 😉
This is the first 20gb release in a series of large Intel leaks.
Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret. pic.twitter.com/KE708HCIqu
– Tillie 1312 Kottmann #BLM 💛🤍💜🖤 (@deletescape) August 6, 2020
This is not the first leak of its kind to reach the hands of Till Kottmann, who has already published other sensitive data from large technology companies, which although filtered through various channels, is usually related to poorly configured Git repositories. Although on this occasion Kottmann’s source states having violated an Intel server «hosted online by Akami CDN which was not adequately secure«.
For its part, Intel has publicly denied having been the victim of a vulnerability. And is that the company suspects that the files may have been filtered by an internal source by someone with access to your «Resource and Design Center», a web portal that you use to give trading partners access to non-public technical documents on their chipsets.
Fortunately, the data dump does not appear to include sensitive data about Intel customers and employees. Although it could be a huge blow to the company, files and information regarding internal design and source codes for various chipsets have already been identified, with BIOS reference codes, sample codes for Kaby Lake, as well as schematics, tools. and firmware for the company’s upcoming Tiger Lake processors. Here is a small list with some of the issues already identified:
- Various debugging and development tools
- Intel ME Bringup guides + tools (flash) + samples for various platforms
- BIOS reference code and sample code + Kabylake initialization code (Purley platform)
- Intel CEFDK (Consumer Electronics Firmware Development Kit)
- Silicon / FSP source code packages for various platforms
- Simics Simulation for Rocket Lake S and potentially other platforms
- Binaries for camera drivers that Intel made for SpaceX
- Schematics, documents, tools + firmware for the unreleased Tiger Lake platform
- Kabylake FDK Training Videos
- Intel Trace Hub + decoder files for various versions of Intel ME
- Elkhart Lake Silicon Reference and Platform Sample Code
- Intel Snowridge / Snowfish ADK Process Simulator
- Marketing Material Templates (InDesign)
The source says more files will be shared soon, and «the future parts of this leak they will have even juicier and more classified things«.