Intel investigating BootGuard security key leak following MSI hack

Sead Fadilpašić

May 9, 2023 at 1:14 PM·2 min read

Intel is allegedly investigating a data leak that saw sensitive BootGuard private keys published on the dark web.

These private keys are designed to protect the devices from UEFI bootkits, malicious software that’s installed on the device’s firmware, establishing persistence even if the hard drive is replaced.

The news was broken by BleepingComputer, without elaborating what this investigation entails. In response to the attack, Intel told the publication “it should be noted that Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys."

Useless features

What we do know is that a ransomware operator known as Money Message broke into hardware manufacturer MSI earlier this year and stole sensitive data.

The group claims it made away with 1.5TB of sensitive information, including source code, firmware intel, and various databases. In order not to publish the stolen files on the dark web, the group allegedly demanded $4 million in ransom.

MSI turned the offer down, claiming the attack and the stolen files represented no real threat to its business operations. In response, the threat actors made the files public.

> Clop ransomware may have infected even more victims than previously thought

> Saks Fifth Avenue becomes latest Clop ransomware victim

> Check out the best firewalls right now

After that, different cybersecurity researchers started analyzing the leaked data, with some finding what appear to be image signing private keys for 57 MSI products and Intel Boot Guard private keys for 116 MSI products.

Researcher Alex Matrosov told BleepingComputer that the leak could render Boot Guard ineffective on “11th Tiger Lake, 12th Adler Lake, and 13th Raptor Lake" processors.

"We have evidence the whole Intel ecosystem is impacted by this MSI data breach. It's a direct threat to MSI customers and unfortunately not only to them," he said. "The signing keys for fw image allow an attacker to craft malicious firmware updates and it can be delivered through a normal bios update process with MSI update tools."

"The Intel Boot Guard keys leak impacts the whole ecosystem (not only MSI) and makes this security feature useless."

These are the best endpoint protection tools right now

Via: BleepingComputer

Yahoo Finance
Jamie Dimon is worried the US economy is headed back to the 1970s
JPMorgan's CEO is concerned the US economy could be in for a repeat of the stagflation that hampered the country during the 1970s.
10h ago
Yahoo Sports
Based on the odds, here's what the top 10 picks of the NFL Draft will be
What would a mock draft look like using just betting odds?
1d ago
Yahoo Sports
WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not
Here are five franchises who stood out, for better or for worse.
8d ago
Yahoo TV
Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.
Ryan Gosling, who starred in the skit, couldn't keep a straight face — and neither could some of the "Saturday Night Live" cast.
12h ago
Yahoo Sports
Jets trade QB Zach Wilson to Broncos
Wilson's starting over in Denver.
6h ago
Yahoo Sports
Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion
The Red Sox were already mourning the loss of Tim Wakefield from that 2004 team.
3d ago
Yahoo Sports
Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions
Reid's deal reportedly runs through 2029 and makes him the highest-paid coach in the NFL.
1d ago
Yahoo Sports
Ryan Garcia drops Devin Haney 3 times en route to stunning upset
The 25-year-old labeled "mentally fragile" by many delivered the upset for the ages.
3d ago
Yahoo Sports
NFL mock draft 2024: With one major trade-up, it's a QB party in the top 5
Our final 2024 mock draft projects four quarterbacks in the first five picks, but the Cardinals at No. 4 might represent the key pivot point of the entire board.
2d ago
Yahoo Sports
Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal
Cortés' attempt didn't fool Andrés Giménez, who fouled off the pitch.
4d ago

News

Life

Entertainment

Finance

Sports

New on Yahoo

Intel investigating BootGuard security key leak following MSI hack

Useless features

Recommended Stories

Jamie Dimon is worried the US economy is headed back to the 1970s

Based on the odds, here's what the top 10 picks of the NFL Draft will be

WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not

Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.

Jets trade QB Zach Wilson to Broncos

Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion

Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions

Ryan Garcia drops Devin Haney 3 times en route to stunning upset

NFL mock draft 2024: With one major trade-up, it's a QB party in the top 5

Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal