Hackers using Pay2key malware, which has been used in the past by Iranian hacker groups, said on Twitter that they had managed to break into the systems of Intel’s Israeli Habana Labs. The hackers are suspected of breaking into the company’s network and gaining access to Intel’s plans and information regarding its new artificial intelligence accelerator, Gaudi.
The group posted on their Twitter account a link to a directory of leaks and images of what they call the source code and internal processes of the lab, stating that they have “something special,” referring to Twitter accounts of Habana and its parent company, Intel. The hackers are clearly eager to demand a ransom, or at least embarrass the American chip giant.
The attackers also claimed to have gained access to the company’s domain controller, which in theory means they were able to compromise the organization’s entire network. If the internal network was connected to Intel’s, the hackers could gain access to the American organization. The criminals also claim to have a hash file containing detailed user data, including usernames and passwords.
The Pay2key malware made a splash in November when it was used to blackmail several Israeli companies. This time, however, the incident looks more like a full penetration of the servers of Intel’s Israeli laboratory. The hackers appear to be criminally motivated because the technical details of the Gaudi accelerator, which was recently selected for use on AWS servers, are useless for strategic purposes.
Business espionage can also be virtually ruled out as it never involves disclosing stolen information due to the risk of being discovered. In the case of ransom attacks, it is common to disclose a sample of stolen data to show that the cyber thieves are serious and have data worth paying for.
Intel declined to comment on the post. The US National Cyber Security Administration said the incident is under investigation.