Intel, the U.S. based global chip provider is investigating a data breach after highly confidential and restricted information was leaked onto online sharing website, MEGA.
The data was uploaded to MEGA by software engineer, Till Kottman after receiving the documents from an anonymous hacker who allegedly hacked Intel earlier this year. After analysis, the information has been verified and authenticated and contained intellectual property including chip blueprints and product guides.
Till Kottman is no stranger to viewing leaked data and even manages a Telegram channel where he posts about exposed data from misconfigured cloud services, Git repositories and online web portals.
Commenting on the news, Michael Barragry, operations lead at Edgescan, stated: “This looks very bad on several fronts. The relative ease with which a massive body of intellectual property was compromised is somewhat startling. The hack appears to have involved a fairly minimal combination of nmap scanning, some custom automation and a little bit of guesswork.
The cherry on top is the multiple references to “backdoors” within the compromised material. As stated, this does not necessarily mean we can deduce the presence of backdoors within Intel products, but there are historical examples of intelligence agencies attempting to “guide” industry in this direction. The Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG) example springs to mind, where it turned out that the NSA had paid RSA Security to implement a “possibly-backdoored” cryptographic algorithm within standard libraries to then be rolled out to industry.”