Intel is investigating the leak of alleged private keys used by the Intel Boot Guard security feature, potentially impacting its ability to block the installation of malicious UEFI firmware on MSI devices. In March, the Money Message extortion gang attacked computer hardware maker MSI, and claimed to have stolen 1.5TB of data during the attack.
According to a report by BleepingComputer, the ransomware gang demanded a $4,000,000 ransom and, when it was not being paid, it began leaking the data for MSI on their data leak site. Last week, the threat actors began leaking MSI's stolen data, including the source code for firmware used by the company's motherboards.
On Friday, Alex Matrosov, the CEO of firmware supply chain security platform Binarly, warned that the leaked source code contains the image signing private keys for 57 MSI products and Intel Boot Guard private keys for 116 MSI products.
"Intel is aware of these reports and actively investigating. There have been researcher claims that private signing keys are included in the data including MSI OEM Signing Keys for Intel BootGuard," Intel said. "It should be noted that Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys."
Sources cite that there is enough evidence that the whole Intel ecosystem is impacted by this MSI data breach. It's a direct threat to MSI customers. The Intel Boot Guard keys leak impacts the whole ecosystem (not only MSI) and makes this security feature useless.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
