Intel is allegedly investigating an information leak that noticed delicate BootGuard non-public keys revealed on the darkish internet.
These non-public keys are designed to guard the gadgets from UEFI bootkits, malicious software program that’s put in on the machine’s firmware, establishing persistence even when the exhausting drive is changed.
The information was damaged by BleepingComputer, with out elaborating what this investigation entails. In response to the assault, Intel informed the publication “it ought to be famous that Intel BootGuard OEM keys are generated by the system producer, and these aren’t Intel signing keys.”
Ineffective options
What we do know is {that a} ransomware operator generally known as Cash Message broke into {hardware} producer MSI earlier this 12 months and stole delicate information.
The group claims it made away with 1.5TB of delicate info, together with supply code, firmware intel, and varied databases. So as to not publish the stolen information on the darkish internet, the group allegedly demanded $4 million in ransom.
MSI turned the supply down, claiming the assault and the stolen information represented no actual risk to its enterprise operations. In response, the risk actors made the information public.
After that, totally different cybersecurity researchers began analyzing the leaked information, with some discovering what seem like picture signing non-public keys for 57 MSI merchandise and Intel Boot Guard non-public keys for 116 MSI merchandise.
Researcher Alex Matrosov informed BleepingComputer that the leak might render Boot Guard ineffective on “eleventh Tiger Lake, twelfth Adler Lake, and thirteenth Raptor Lake” processors.
“Now we have proof the entire Intel ecosystem is impacted by this MSI information breach. It is a direct risk to MSI clients and sadly not solely to them,” he mentioned. “The signing keys for fw picture enable an attacker to craft malicious (opens in new tab) firmware updates and it may be delivered by way of a traditional bios replace course of with MSI replace instruments.”
“The Intel Boot Guard keys leak impacts the entire ecosystem (not solely MSI) and makes this safety characteristic ineffective.”
By way of: BleepingComputer (opens in new tab)
#Intel #investigating #BootGuard #safety #key #leak #MSI #hack
#geekleap #geekleapnews
