Intel Confirms Leak of Alder Lake BIOS Source Code

Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week.

The published content contains Unified Extensible Firmware Interface (UEFI) code for Alder Lake, the company’s 12th generation processors that was originally launched in November 2021.

In a statement shared with Tom’s Hardware, Intel said the leak doesn’t expose “any new security vulnerabilities as we do not rely on obfuscation of information as a security measure.”

It’s also encouraging the broader security research community to report any potential issues through its bug bounty program, adding it’s reaching out to customers to notify them of the matter.

Besides the UEFI code, the leaked data dump includes a plethora of files and tools, some of which appear to come from firmware vendor Insyde Software.

Exact details surrounding the nature of the hack, including its provenance, are unclear. The GitHub repository has since been taken down, although it remains accessible via other replicated versions.

That said, indications are that the repository had been created by an employee of LC Future Center, a Chinese manufacturer of computers and laptops.

Earlier this February, the LAPSUS$ extortionist group breached NVIDIA, siphoning 1TB of sensitive data. The threat actor later claimed that the company had launched a retaliatory ransomware strike to prevent the release of the stolen data.

Related Articles

Back to top button