According to the latest reports, an unknown person would have leaked the source code of the BIOS of the Intel Alder Lake CPUs (Intel Core 12), in the well-known 4chan forums. Additionally, a copy of the source code has also been posted on GitHub. Specifically, we are talking about no less than 2.8 GB of compressed information, which reaches 5.86 GB once all the information is decompressed.
Given the size of this leak, it may take some time to assess what exactly the authors shared. Most of the data seems to cover information about the BIOS/UEFI or the Intel Core 12 chipset. If this leak is real, it could reveal some secrets that Intel engineers would probably prefer to keep secret.
So far, there are no reports of security-sensitive data being leaked. For example, nothing is mentioned about the source code for the Trusted Platform Module, which would be a much bigger problem for Intel. If this were the case, it could imply serious vulnerability problems for any user who uses one of these processors.
The theft of the Intel source code would have been carried out through Lenovo
Although the data clearly comes from Intel, the source of the leak might not be the CPU manufacturer itself. Some reports refer to “Lenovo Feature Tag Test”, which could suggest that it was your partner who has succumbed to hacking and information theft.
Even if the files are shown to include sensitive material, it is unclear whether they could be used to develop exploits, especially if they were obtained from a source outside of Intel. It’s easy to imagine that most motherboard vendors and OEMs have similar tools and information to build firmware for Intel platforms, and Intel would likely remove any overly sensitive material before handing it over to third-party vendors as a method of safety in these cases. So far, neither Intel nor Lenovo have commented on the theft of the information.
The source code to the Intel Alder Lake has been leaked online.
* Alder Lake CPU was released November 4, 2021
* Source code is 2.8GB (compressed)
* Leak (allegedly) from 4chan
* We have not reviewed the entirety of the code base, it is massive— vx-underground (@vxunderground) October 8, 2022
Companies succumb more and more easily to hacker attacks
Curiously, we are in a year where a lot of information has been leaked, and that is far from one of the most notorious cases, where Rockstar Games saw how numerous content of its next title, Grand Theft Auto VI (GTA 6), was leaked. In the world of technology, Gigabyte suffered an attack that resulted in 112 GB of stolen information, which led to numerous leaks from its partners, such as highly relevant information on AMD Ryzen 7000 processors and AMD Zen4 architecture. Even its partner, AMD, was also extorted by the RansomHouse hacker group after managing to steal 56 GB of data.
Before all of this, NVIDIA also had 1TB of data stolen. Not much was leaked from there, but of course, things got very serious when they not only announced that they would not allow themselves to be extorted, but that the FBI had entered the game to look for the culprits. We will have to wait to find out what the Intel leak ends up with. If any relevant report comes out of it, and of course, if it will imply any security problem for its users.