An unknown individual has purportedly leaked the source code for Intel's Alder Lake BIOS onto 4chan, and a duplicate copy now appears to be posted to GitHub. The files are contained in a 2.8 GB zip file that expands to 5.86 GB after decompression, but we haven't been able to verify if the contents therein are genuine and actually contain sensitive source code.
UPDATE (10/9/2022): In a new story, we have reported that Intel has now confirmed the leak is legitimate and security researchers are analyzing the code for vulnerabilities.
News of the purported leak comes via Twitter postings from @glowingfreak and @vxunderground. We have reached out to Intel for comment.
The source code to the Intel Alder Lake has been leaked online.
* Alder Lake CPU was released November 4, 2021
* Source code is 2.8GB (compressed)
* Leak (allegedly) from 4chan
* We have not reviewed the entirety of the code base, it is massive
October 8, 2022
The file appears to contain a plethora of files and tools geared for building a BIOS/UEFI for Intel's Alder Lake platform and chipsets. It is unclear where the leaker obtained the files, but one of the documents does refer to "Lenovo Feature Tag Test Information." A few other clues have also emerged via the git log.
Even if the files are proven to include sensitive material, it's unclear if they could be used to develop exploits, especially if they were obtained from a source external to Intel. It's easy to imagine that most motherboard vendors and OEMs would have similar tools and information available to build firmware for Intel platforms, and Intel would likely scrub any overly sensitive material before releasing it to external vendors. That said, any sensitive material in the hands of nefarious actors is never good, and small bits of information can lead to big vulnerabilities, especially if they pertain to security features like the TPM (Trusted Platform Module).
While we don't know how the files were obtained, recent hacks have targeted outside vendors to steal information from semiconductor manufacturers indirectly, thus enabling ransom attempts.
The spate of recent attacks includes an attempt by RansomHouse to extort AMD after it obtained 56 GB of data. AMD partner Gigabyte also had 112 GB of sensitive data stolen in the infamous 'Gigabyte Hack,' but AMD refused to pay the ransom for the latter hack. As a result, information about AMD's forthcoming Zen 4 processors was divulged before launch, and that information later proved genuine.
Nvidia also suffered a recent attack that resulted in the theft of 1 TB of its data, but the GPU-making giant retaliated with its own operations to render the stolen data useless.
We don't know further details about the purported Intel leak, but we're working on learning more from the company. We'll update as necessary.