Skip to main content
  1. Home
  2. Computing
  3. News

A massive data breach has left Intel scrambling for solutions

By

A security breach in March robbed MSI of up to 1.5TB of sensitive data. However, MSI is not the only company impacted.

As a result of the breach, Intel is now investigating a major leak of Intel Boot Guard keys. The extent of the damage is still unclear, but the worst-case scenario is that the security feature is now useless on compromised devices — and that’s a pretty lengthy list.

Recommended Videos

⛓️Digging deeper into the aftermath of the @msiUSA data breach and its impact on the industry.

🔥Leaked Intel BootGuard keys from MSI are affecting many different device vendors, including @Intel , @Lenovo, @Supermicro_SMCI, and many others industry-wide.

🔬#FwHunt is on! https://t.co/NuPIUJQUgr pic.twitter.com/ZB8XKj33Hv

— BINARLY🔬 (@binarly_io) May 5, 2023

Related

This whole fiasco seems to have begun with the MSI data breach that took place earlier this year. The Money Message extortion gang targeted MSI in March, saying that it managed to steal around 1.5TB of sensitive data. It demanded a ransom of $4 million to not leak the data to the public.

MSI refused to give in and didn’t pay the ransom, and unfortunately, the hacker gang followed through and started leaking the firmware source code of MSI’s motherboards.

According to Alex Matrosov, the CEO of Binarly, a security platform, the source code may have contained some really sensitive information, such as Intel Boot Guard private keys for 116 MSI products.

Intel Boot Guard prevents the loading of malicious firmware on Intel hardware. The fact that it’s now compromised makes this as much Intel’s problem as it is MSI’s. If threat actors gain access to these keys, they might be able to create powerful malware that’s capable of bypassing Intel’s security measures.

Matrosov claims that Intel Boot Guard may now be ineffective on some of Intel’s best processors, including Tiger Lake, Alder Lake, and Raptor Lake chips running on MSI-based devices.

A render of an Intel Core HX chip.
Image used with permission by copyright holder

In a statement to Bleeping Computer, Intel said: “Intel is aware of these reports and actively investigating. There have been researcher claims that private signing keys are included in the data, including MSI OEM Signing Keys for Intel BootGuard. It should be noted that Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys.”

It’s hard to say precisely how big of an impact this leak might have. It’s possible that it opened the door to the creation of malware that can skip right past Intel Boot Guard, and that could be dangerous for affected devices.

If you’re using a build with an MSI motherboard and an Intel chip, take the usual security measures to stay safe. This includes not downloading files from sources you don’t trust and regularly scanning your computer with antivirus software, if you’re using any. We’ll have to wait for Intel and MSI to share more information on the data breach in order to know what happens next.

Editors’ Recommendations

Topics
Monica J. White
Monica J. White
Computing Writer
Monica is a computing writer at Digital Trends, focusing on PC hardware. Since joining the team in 2021, Monica has written…
With the arrival of Core Ultra, a new era for Intel has begun
A tray of Intel Core Ultra CPUs.

Intel's Meteor Lake processors represent more than just a new generation. It's a fresh start for Intel -- a cycle it seems to find itself in every few years -- and the birth of the AI PC. Most importantly, it's a sign that Intel can deliver on its road map with a fresh generation of processors built on a new node.

Meteor Lake ushers in the Intel 4 node, which we first heard about nearly three years ago with the launch of 11th-gen CPUs. It also marka the start of the Core Ultra era of CPUs, along with a consolidation of Intel's massive mobile CPU lineup. Now, processors fit into two camps: U-series for thin and light laptops, and H-series for more powerful machines.

Read more
Some surprising details on Intel’s upcoming 14th-gen laptops just leaked
Intel's new Intel Core Ultra badge.

One of the first laptops powered by Intel’s upcoming 14th-gen Meteor Lake CPUs has been spotted online, and based on what we're seeing, the prices look surprisingly affordable.

The information originated on X (formerly Twitter) from @momomo_us, who initially shared details about these new laptops via Newegg US. The post disclosed information about the expected CPUs and key specifications of the laptops. Among MSI's lineup of work laptops featuring Meteor Lake CPUs, the Prestige 13 and 16 are the first ones identified. The leak also mentions the CreatorPro 16 Studio, as well as popular gaming SKUs, the Stealth 14 and 16, although specs for these were not provided.

Read more
MSI has some massive QD-OLED monitor news in the works
Ratchet and Clank Rift Apart on the Samsung Odyssey OLED G8.

MSI is getting ahead of CES 2024 by revealing a few of its most anticipated products two months ahead of the showcase. The company is set to launch four QD-OLED gaming monitors in January, setting the tone for an event that should be packed with new monitor reveals.

For QD-OLED enthusiasts, the two most exciting announcements are a 32-inch 4K display with a 240Hz refresh rate and a 27-inch 1440p display with a 360Hz refresh rate. These sizes and resolutions mirror the QD-OLED monitors Alienware recently teased during TwitchCon, which we also expect to see at CES 2024.

Read more