Massive 20GB Intel IP Data Breach Floods the Internet, Mentions Backdoors (Intel Responds)

(Image credit: Shutterstock)

Till Kottmann, a Swiss IT consultant, posted on Twitter a link to a file sharing service today that contains what an anonymous source claims is a portion of Intel's crown jewels: A 20GB folder of confidential Intel intellectual property. The leaker dubbed the release the "Intel exconfidential Lake Platform Release ;)." 

Update: Intel has responded to Tom's Hardware with an official statement:

"We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data."

Intel's Resource and Design Center is a website dedicated to providing the company's partners with NDA documentation for product integration purposes. Reports are also cropping up that some of the files are marked with NDA license agreements to "Centerm Information Co. Ltd., a Chinese company established and existing under the laws of the People's Republic of China," meaning this company could have been also hacked.

The folder appears to have been originally posted by an anonymous source that claims more is coming soon, and while we don't know the exact specifics of the folder's contents, we have verified that it does exist. In fact, the title of many of the documents do correlate to the list of purported information posted by the leaker:

  • Intel ME Bringup guides + (flash) tooling + samples for various platforms
  • Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
  • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
  • Silicon / FSP source code packages for various platforms
  • Various Intel Development and Debugging Tools
  • Simics Simulation for Rocket Lake S and potentially other platforms
  • Various roadmaps and other documents
  • Binaries for Camera drivers Intel made for SpaceX
  • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
  • (very horrible) Kabylake FDK training videos
  • Intel Trace Hub + decoder files for various Intel ME versions
  • Elkhart Lake Silicon Reference and Platform Sample Code
  • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
  • Debug BIOS/TXE builds for various Platforms
  • Bootguard SDK (encrypted zip)
  • Intel Snowridge / Snowfish Process Simulator ADK
  • Various schematics
  • Intel Marketing Material Templates (InDesign)
  • Lots of other things

Kottman, who has been behind other data dumps of proprietary information in the past, claims the hacker "breached" Intel, which the company denies. Kottman also said the files were obtained earlier this year, adding "most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret." The source says more files will be shared soon, and "the future parts of this leak will have even juicier and more classified stuff."

Interestingly, Kottman also notes "If you find password protected zips in the release the password is probably either "Intel123" or "intel123". This was not set by me or my source, this is how it was acquired from Intel."

The posts encourage downloaders to look for mentions of 'backdoors' in some of the Intel source code, and even provides a sample clip of one such listing, but we aren't sure of the intentions behind the listings in the code.

The link is being widely distributed on Twitter, but it might be best to exercise caution – downloading any file from an untrusted source is always a risk. 

Paul Alcorn
Managing Editor: News and Emerging Tech

Paul Alcorn is the Managing Editor: News and Emerging Tech for Tom's Hardware US. He also writes news and reviews on CPUs, storage, and enterprise hardware.

  • Kamen Rider Blade
    I'm sure everybody who cares, including the competition will have already DLed these.
    Reply
  • Math Geek
    i'm thinking some internal info about the true state of 7/10 nm would be interesting to the lawsuits being filed. not sure it would be admissible but it could shed some light on who knew what and when if those docs are in the breach.
    Reply
  • JamesSneed
    Wow. Intel is one massive mess right now.
    Reply
  • jpe1701
    I hope the person who came up with that password isn't responsible for the security of the chips. Lol. But really what a dangerous leak. Tons of government, financial, and corporate computers run on Intel and they already have a tough time with security issues.
    Reply
  • JamesSneed
    "
    Interestingly, the tweeter also notes "If you find password protected zips in the release the password is probably either "Intel123" or "intel123". This was not set by me or my source, this is how it was acquired from Intel."
    "

    Really?
    Reply
  • King_V
    If I were at all intereted in perusing ANY of the data that was acquired:
    (very horrible) Kabylake FDK training videos

    THIS would be it.

    Could it be any more horrible than this?
    KvkAQpC52ME
    Reply
  • st379
    Intel is doing very well recently. Bright future.
    I hope Intel will continue to excel until there will be 50-50 market share.
    Reply
  • Bet Intel upper management is going bonkers right now lol
    Reply
  • IrConfused2
    Let me get this straight. Nobody was actually hacked. The anonymous user knew someone that works or worked for a company that had access to this data under NDA.

    Yes, its possible that that company got hacked but it was not Intel. Maybe the title of the article should be updated.
    Reply
  • vMax
    Very good point. It looks like someone got a hold of someones login credentials for the partner portal. Not good and nothing to be happy about for sure.

    IrConfused2 said:
    Let me get this straight. Nobody was actually hacked. The anonymous user knew someone that works or worked for a company that had access to this data under NDA.

    Yes, its possible that that company got hacked but it was not Intel. Maybe the title of the article should be updated.
    Reply