Lately, we have seen increasing attacks of hackers on even some big tech brands. For example, earlier this year Nvidia suffers a ransomware attack by a group of hackers. This leads to the compromise of the internal system, resulting in the leak of 1TB of data including drivers, design drawings, and firmware. In the middle of this year, another hacker obtained a large amount of AMD data, and the leaked information about the Zen 4 architecture processor was later confirmed to be true.
Recently, something same happen with Intel, as per Tom’s Hardware, Intel has confirmed this by issuing a statement.
“Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation.” — Intel spokesperson.
It has been revealed that after a major hacking attack, the source code of Intel Alder Lake (including BIOS and related chipset information) was leaked, and the capacity of the compressed file reached 2.8GB (full document) 5.86GB), the codebase is huge. We also come to know (via BleepingComputer) that all source code was developed by Insyde Software Corp, a UEFI system firmware development company.
The code was uploaded to the GitHub repository by a user named ‘LCFCASD’ which was later pulled down by GitHub. However, before that many users replicated it.
It’s unclear whether the data and documents came from Intel or its partners, such as OEMs, as one of the documents mentioned Lenovo’s “feature label test information.” If these data and files contain sensitive material, it is uncertain whether they can be used to develop some exploit programs, thus posing a security risk. Most motherboard vendors and OEMs have similar tools and information to build firmware for Intel platforms, Intel generally removes some content that is too sensitive, but even small information can lead to large vulnerabilities if related to security features such as TPM, then the situation is more serious.
Related Posts
What technology will be used in flying cars? Having a look at the technologies that will shape the transportation of the future
What is stopping smartphone gaming from becoming the next big thing? The problems, and the possible solutions
What are the 5 Types of Green Technology?
How Enterprise Technology is Revolutionizing Business Operations in 2024
What is ipconfig on Windows CMD used for?
Inside Kodak TV Factory: A Glimpse into the Manufacturing Process