Intel hacked, first wave of stolen chip data released in 20GB dump

A hacker has released 20GB of confidential chip engineering data stolen from Intel, with the data made available potentially leading to new zero-day threats for users across multiple platforms.

The hacker linked to a post on secret messaging platform, Telegram, detailing the contents of the leak and a Mega file attached at the bottom. While the contents are harmless on their own, they contain BIOS information and source code of proprietary Intel technology that could be used in building malware.

Billing it as "Intel exconfidential Lake," the hacker claims the data has not been published anywhere and much of the information is under strict NDA. The data was allegedly acquired by an anonymous source who breached Intel earlier in 2020.

The following list was provided as a partial overview of the 20GB file:

• Intel ME Bringup guides + (flash) tooling + samples for various platforms
• Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
• Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
• Silicon / FSP source code packages for various platforms
• Various Intel Development and Debugging Tools
• Simics Simulation for Rocket Lake S and potentially other platforms
• Various roadmaps and other documents
• Binaries for Camera drivers Intel made for SpaceX
• Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
• (very horrible) Kabylake FDK training videos
• Intel Trace Hub + decoder files for various Intel ME versions
• Elkhart Lake Silicon Reference and Platform Sample Code
• Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
• Debug BIOS/TXE builds for various Platforms
• Bootguard SDK (encrypted zip)
• Intel Snowridge / Snowfish Process Simulator ADK
• Various schematics
• Intel Marketing Material Templates (InDesign)

BIOS code for Kabylake and other processors could mean trouble for those users if hackers find ways to manipulate the code and get it installed on target computers. Perhaps the most damaging is the tools and firmware for the Tiger Lake platform, which could lead to malware before the product ever comes to market.

While likely useless, the fact that the camera drivers made for SpaceX are within the breach shows the breadth of data being sourced.

Password protected documents seem to be lacking any security too, as they have the password "intel123" or "Intel123," which are too easily guessed for what are considered "highly confidential documents."

What this means for Mac users

These leaked documents are harmless on their own. The files are out there though, and bad actors will definitely be scraping through to find any useful vulnerability to attack.

As it is with any malware, it must be installed to the computer in order to attack. If any such malware is created by this, users will have to willingly bypass the security protocols built into macOS. Some attacks can be hidden within files or physical drives, so always be aware of where your hardware or software is coming from.

For now, there is no evidence of any exploits actively in the wild as a result of the database.

Apple has announced its intent to move the entire Mac line to Apple Silicon within the next two years. This move was prompted by Intel's inability to keep up with market demand for smaller processes, but also apparently stemming from security issues as well.

Apple builds their devices from the ground up for security and privacy across the board. Apple has never suffered a large scale data breach or malware attack related to their custom processors. Expect the first Mac with Apple Silicon to ship by the end of 2020.