Intel Boot Guard private keys have reportedly leaked, compromising the security of many computers

MSI Cyborg 15 gaming laptop on a white desk
(Image credit: Future)

Update: Supermicro reached out to us stating that based on its current review, its products are not affected by this breach.

Original story: It seems like every other day there are scumbags out there perpetrating a new hack, taking advantage of a vulnerability or trying to extort people with ransomware. MSI is the latest victim, with hackers leaking material stolen from a breach of MSI's systems last month.

This one has the potential to be serious. According to tweets by Alex Matrosov, the founder of Binarly, at least some of the previously stolen 1.5TB of data has been leaked. The data includes private keys, some of which appear to be Intel Boot Guard keys. The leak of such keys doesn't just affect MSI systems, but those from other vendors too, including Lenovo and Supermicro.

Boot Guard is a cryptography technology designed to protect PCs from executing fake UEFI firmware or modified BIOS. Should an attacker bypass these checks, they could gain full access to a system, access secure data or use it for any number of scummy purposes.

The use of UEFI keys is especially concerning given the risk of so-called secondary downloads. Using traditional phishing or email delivery techniques, any malware developed subsequent to a firmware update using these keys would appear to be genuine, and antivirus software would ignore it.

Your next machine

(Image credit: Future)

Best gaming PC: The top pre-built machines from the pros
Best gaming laptop: Perfect notebooks for mobile gaming

The release of the data comes after a group calling itself Money Message claimed responsibility for the breach of MSI's internal systems (via Bleeping Computer). The group demanded a $4,000,000 payment from MSI. The release of the data would suggest that MSI didn't pay up.

The fallout from this leak will take time to analyze, not to mention the time it could take to develop mitigations. We can expect statements from the relevant parties in the coming days. 

In the meantime, take care and avoid downloading any BIOS, firmware, or system apps from anywhere other than the official sites. That goes for all system software, not just MSI's.  

Chris Szewczyk
Hardware Writer

Chris' gaming experiences go back to the mid-nineties when he conned his parents into buying an 'educational PC' that was conveniently overpowered to play Doom and Tie Fighter. He developed a love of extreme overclocking that destroyed his savings despite the cheaper hardware on offer via his job at a PC store. To afford more LN2 he began moonlighting as a reviewer for VR-Zone before jumping the fence to work for MSI Australia. Since then, he's gone back to journalism, enthusiastically reviewing the latest and greatest components for PC & Tech Authority, PC Powerplay and currently Australian Personal Computer magazine and PC Gamer. Chris still puts far too many hours into Borderlands 3, always striving to become a more efficient killer.