Intel Alder Lake source code leaked by hackers; the origin of the leak is still unclear

Lately, we have seen an increasing number of attacks by hackers, even on some big tech brands. For example, earlier this year Nvidia suffered a ransomware attack by a group of hackers. This led to the compromise of its internal systems, resulting in the leak of 1TB of data including drivers, design drawings, and firmware. In the middle of this year, another hacker obtained a large amount of AMD data, and the leaked information about the Zen 4 architecture processor was later confirmed to be true.

Recently, something similar happened to Intel. According to Tom’s Hardware, Intel has confirmed the leak by issuing a statement.

“Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them to our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation.” — Intel spokesperson.

It has been revealed that after a major hacking attack, the source code of Intel Alder Lake (including BIOS and related chipset information) was leaked. The codebase is huge: the compressed file is 2.8GB (the full document is 5.86GB). We have also learned (via BleepingComputer) that all of the source code was developed by Insyde Software Corp, a UEFI system firmware development company.

The code was uploaded to a GitHub repository by a user named ‘LCFCASD’, and the repository was later taken down by GitHub. Before that happened, however, many users had replicated it.

It’s unclear whether the data and documents came from Intel or from its partners, such as OEMs, as one of the documents mentions Lenovo’s “feature label test information.” If these data and files contain sensitive material, it is uncertain whether they can be used to develop exploits, which would pose a security risk. Most motherboard vendors and OEMs have similar tools and information for building firmware for Intel platforms, and Intel generally removes content that is too sensitive. Even a small piece of information can lead to a large vulnerability, however, and the situation is more serious if it relates to security features such as the TPM.