Earlier this year Nvidia was the victim of a hack on its network. The fallout was not trivial, as the group released a lot of proprietary information. It dumped the DLSS source code, information about upcoming GPUs, and also created workarounds for its anti-mining LHR technology. Now it’s AMD’s turn in the barrel, according to a new report. AMD has allegedly been hacked, with the perpetrators exfiltrating over 50GB of data. At this time it’s not clear if the data was taken directly from AMD or one of its partners.
The actual hack happened back in January of this year, but we’re just now learning about it. It’s not clear which group is responsible, as the outfit that is talking about it is either a middleman or bought the data from someone else. This group, known as RansomHouse, says on their website they don’t hack nor do they use malware. However, they are allegedly trying to negotiate a ransom from AMD. The group recently included AMD in an ominous list of companies on its website. It says the companies in the list “have either considered their financial gain to be above the interests of their partners/individuals who have entrusted their data to them or have chosen to conceal the fact they have been compromised.” This sounds like it should translate to “they haven’t paid the ransom.”
According to a summary by RestorePrivacy, the stolen data included network files, system information, and some AMD passwords. The group posted a sample of the data it has in its possession, but RestorePrivacy doesn’t say if it was able to verify the data or not. The group claims the data was easy to get as AMD used common passwords. These include the actual word “password,” as well as “123456” and “AMD!23” among others. The group says it has “more than 450 Gb” of AMD’s data. It’s not clear why it refers to it as gigabits instead of gigabytes. (Possibly to make the hack look larger – Ed)
RansomHouse claims its a “professional mediators community” instead of a hacking group. It claims it doesn’t create or deploy malware, nor does it encrypt any victims’ data. So far it lists six victims on its darknet website, including ShopRite, and the Saskatchewan Liquor and Gaming Authority (SLGA).
AMD has responded to questions about the breach with an official statement. “AMD is aware of a bad actor claiming to be in possession of stolen data from AMD. An investigation is currently underway,” said an AMD spokesperson.