Ransomware

Intelbroker Advertises Massive AMD Data Breach On Dark Web

According to the hacker's assertions, the AMD data leak involves a wide range of sensitive information extracted from AMD's databases.

by Ashish Khaitan June 18th, 2024

Share on LinkedInShare on Twitter

The notorious threat actor known as Intelbroker claims to have orchestrated a massive data breach of AMD, a top player in the semiconductor industry. The unconfirmed AMD data breach, disclosed on the notorious BreachForums site, shared details into the intrusion, with multiple data samples shared to the dark web forum users. 

Intelbroker claims the AMD data leak encompasses a vast array of sensitive information from AMD’s databases. This includes detailed data on future AMD products, specification sheets, customer databases, property files, ROMs, source code, firmware, financial records, and comprehensive employee data such as user IDs, full names, job functions, phone numbers, and email addresses.

Decoding the AMD Data Breach Claims by Intelbroker

Source: Dark Web

Samples of the stolen data shared by Intelbroker highlight the potential severity of the AMD data leak. Screenshots and snippets from AMD’s internal systems, allegedly obtained by the threat actor, provide a glimpse into the breadth and depth of the compromised information. Such disclosures not only highlight the possible extent of the intrusion but also highlight potential vulnerabilities within AMD’s cybersecurity infrastructure.

The incident is not the first time AMD has faced a cybersecurity challenge. In 2022, the company was reportedly targeted by the RansomHouse hacking group, which claimed responsibility for extracting data from AMD’s networks. The 2022 breach, similar to the current incident, prompted AMD to launch an extensive investigation to assess the breach’s impact and fortify its defenses against cyber threats.

Intelbroker’s Modus Operandi

Intelbroker, the alleged perpetrator behind the new AMD data breach, has gained notoriety for a series of high-profile cyber intrusions targeting diverse organizations. Operating as a lone actor, Intelbroker has a documented history of penetrating critical infrastructure, major tech corporations, and government contractors. The hacker’s actions suggest a sophisticated approach to exploiting vulnerabilities and accessing sensitive information.

In previous instances, the hacker has claimed responsibility for breaches at institutions like the Los Angeles International Airport and Acuity, a U.S. federal technology consulting firm.

Data Samples and Technical Details

The data shared by Intelbroker includes technical specifications, product details, and internal communications purportedly from AMD’s secure servers. These samples, posted on breach forums, reportedly reveal intricate details about AMD’s upcoming products, financial documents, and proprietary software codes. Such disclosures not only could compromise AMD’s competitive advantage but also raise concerns about intellectual property theft and corporate espionage.

Technical codes and alphanumeric sequences, allegedly extracted from AMD’s databases, have been posted alongside screenshots on BreachForums. These snippets, though cryptic to the untrained eye, contain critical information about AMD’s internal systems and operational protocols. The exposure of such technical data could pose significant risks to AMD’s reputation and operational integrity.

Response and Investigation

The Cyber Express has reached out to AMD to learn more about the potential data breach. However, at the time of publication, no official statement or response has been received, leaving the claims for the AMD data leak unconfirmed for now.

Moreover, the official AMD website seems to be operational at the moment and doesn’t show any immediate sign of a cyberattack. The hacker could possibly have targeted the backend of the website or the databases instead of launching a front-end assault like a DDoS or a website defacement.

AMD’s response strategy will likely involve comprehensive forensic analysis, collaboration with cybersecurity agencies, and the implementation of enhanced security measures to mitigate future risks.

Previous Cyber Incidents Linked to Intelbroker

Intelbroker has demonstrated massive cyber operations beyond the alleged AMD data breach, targeting multinational corporations, government entities, and prominent tech firms globally. Notable breaches attributed to Intelbroker include infiltrations at Los Angeles International Airport (LAX), compromising millions of records encompassing personal and flight details.

The hacker also accessed sensitive data from U.S. federal agencies via Acuity, exposing vulnerabilities in government IT systems. Furthermore, Intelbroker claimed responsibility for a cyberattack on Shoprite, Africa’s largest retailer, highlighting their widespread impact.

These incidents highlight Intelbroker’s skill at exploiting security vulnerabilities to extract valuable data, posing significant challenges to affected organizations and cybersecurity professionals.

The motivations driving Intelbroker’s cyber activities range from financial gain through selling stolen data on dark web platforms to potential geopolitical agendas aimed at disrupting critical infrastructure and corporate operations. The Cyber Express will update readers as we get more information.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button