AMD admits hacker stole source code files related to its GPUs

Pierluigi Paganini March 28, 2020

AMD admitted that a hacker has stolen files related to some of its graphics products, but it downplayed the potential impact of the hack.

AMD admitted that a hacker that goes online with the moniker “Palesa” has stolen source code files related to some of its graphics products, but it downplayed the potential impact of the hack.

The hacker claims to have obtained files related to several AMD graphics processing units (GPUs), including the Navi 10 architecture and the upcoming Navi 21, and Arden.

Arden is believed to be the codename for the GPU that will be used in Microsoft’s next-gen Xbox Series X console. 

“In December 2019, we were contacted by someone who claimed to have test files related to a subset of our current and future graphics products, some of which were recently posted online, but have since been taken down,” reada a statement published by AMD.

“While we are aware the perpetrator has additional files that have not been made public, we believe the stolen graphics IP is not core to the competitiveness or security of our graphics products. We are not aware of the perpetrator possessing any other AMD IP.”

The company launched an investigation with the help of external experts, it is also working closely with law enforcement.

Palesa claims to have stolen the files directly from AMD, he plans to sell them to the highest bidder, he claims to have already received offers between $50,000 and $100,000. The offers are not enough for the hacker, he told TorrentFreak that he valued the source at $100M

Palesa also shared some of the stolen files on GitHub, but they were quickly removed as a result of a DMCA takedown request filed by vendor.

“The alleged leaker further told us that one “source code packet” had already been released. Whether that is limited to the material made available via Github remains unclear but TF was able to find links to a file-hosting site where an archive claiming to be the content was stored.” concludes TorrentFreak. “Given the potentially criminal route via which the content was obtained, we did not download the package.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – AMD, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment