Intel's classified documents, including source codes, leaked online

An anonymous hacker claims to have breached Intel server earlier this year and stolen data from the system

Intel is investigating the alleged leak of more than 20 GB of its internal documents that have been uploaded online on a public file-sharing service.

Till Kottmann, a Swiss software engineer, published the classified documents on MEGA website, revealing that they were received from an anonymous hacker who claimed to have breached Intel earlier in 2020.

Kottmann manages a Telegram channel where he posts data that is accidentally leaked from leading tech firms through online web portals, cloud servers, and misconfigured Git repositories.

Kottmann dubbed the leaked data as "Intel exconfidential Lake" and said that much of the information is under strict non-disclosure agreement (NDA) and not published anywhere.

According to Kottmann, the initial release contains documents related to:

• Kabylake (Purley platform) BIOS reference code and sample code + initialisation code
• Intel ME Bringup guides + (flash) tooling + samples for various platforms
• Silicon/ FSP source code packages for various platforms
• Intel Consumer Electronics Firmware Development Kit SOURCES
• Various development and debugging tools
• Simics Simulation for Rocket Lake S
• Intel ' s binaries for camera drivers created for SpaceX
• Kabylake FDK training videos
• Schematics, Docs, Tools + Firmware for unreleased Tiger Lake platform
• Elkhart Lake Silicon Reference and Platform Sample Code
• Intel Trace Hub + decoder files for various Intel ME versions
• Verilog stuff for various Xeon Platforms
• Bootguard SDK (encrypted zip)
• Debug BIOS/TXE builds for various platforms
• Intel Marketing Material Templates (InDesign)
• Intel Snowridge/ Snowfish Process Simulator ADK
• Lots of other things

The hacker told Kottmann that they used the nmap port-scanning tool to scan the internet and found an unsecured Intel server on Akamai CDN. Using a custom Python script, they were able to guess default passwords and gain access to files and folders on the system.

Kottman said that "if you find password protected zips in the release the password is probably either "Intel123" or "intel123".

Kottmann also hinted at potential "backdoor" information being present in the leaked files, revealing that the word "backdoor" appeared twice in the source code associated with Intel ' s Purely Refresh chipset for Xeon CPUs.

In a statement, an Intel spokesperson said that Intel officials don ' t believe the leaked data came from a network breach. Rather, it appears to come from the Intel Resource and Design Centre, which hosts information for use by Intel ' s partners, customers, and other external parties.

The spokesperson said that a person with access to Intel ' s Resource and Design Centre probably downloaded the data and shared it with Kottmann.