Intel may have been breached by a hacker, as a pack of 20GB that circulates online seems to be valid.
The hacker claims that Intel’s poor security practices enabled him/her to enter and download the files.
Intel is still investigating the occurrence, but they confirmed the data comes from a restricted access platform.
A hacker has uploaded online 20GB of source code and various documents belonging to Intel and has already promised to upload a lot more soon. The pack was given the name “Intel exconfidential Lake Platform Release ;)”, and from what seems to be the case, it contains highly confidential information that Intel wouldn’t want to see published for sure.
Some of the staff that is found on the dump include the following filenames:
ME Bringup guides + (flash) tooling + samples for various platforms
Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
Silicon / FSP source code packages for various platforms
Various Intel Development and Debugging Tools
Simics Simulation for Rocket Lake S and potentially other platforms
Various roadmaps and other documents
Binaries for Camera drivers Intel made for SpaceX
Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
(very horrible) Kabylake FDK training videos
Trace Hub + decoder files for various Intel ME versions
Elkhart Lake Silicon Reference and Platform Sample Code
Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
Debug BIOS/TXE builds for various Platforms
Bootguard SDK (encrypted zip)
Intel Snowridge / Snowfish Process Simulator ADK
Various schematics
Intel Marketing Material Templates (InDesign)
Various other stuff
The actor reached out to an IT consultant who finds enjoyment in dissipating source code leaks and explained that Intel used an improperly secured Akamai CDN that allowed him/her to potentially access 370 servers.
The actor then allegedly used a custom Python script to quickly probe the server and locate accessible folders and files. As long as a valid file name guess was made, the person could enter the location folder and then access the entire directory.
Credits: @rombik_su | Twitter
Allegedly, the hacker exploited a second, separate misconfiguration as well, masquerading as an Intel employee to create a new user. And as for the password protection of the contained files, that would be either “Intel123” or “intel123,” which is typically used for stuff that the company shares with engineers and its partners.
It didn’t take long for Intel to respond to all that, and so here’s is what the told Tom’s Hardware: “We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners, and other external parties who have registered for access. We believe an individual with access downloaded and shared this data.”
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: