Dark-web kingpin puts 'stolen' internal AMD databases, source code up for sale

Updated AMD's IT team is no doubt going through its logs today after cyber-crooks put up for sale what is claimed to be internal data stolen from the US microprocessor designer.

The supposedly swiped information is being peddled on the recently revived the dark-web BreachForums souk. One or more criminals using the handle IntelBroker are offering, in exchange for cryptocurrency, what's claimed to be customer databases, upcoming product specifications and plans, internal financial figures and source code, firmware and ROMs, staff information – including names, user IDs, and phone numbers – and other sensitive info.

We've asked AMD what its next steps are. “We are aware of a cybercriminal organization claiming to be in possession of stolen AMD data," the Epyc and Ryzen design house told us. "We are working closely with law enforcement officials and a third-party hosting partner to investigate the claim and the significance of the data.”

• NHS boss says Scottish trust wouldn't give cyberattackers what they wanted
• Cops cuff 22-year-old Brit suspected of being Scattered Spider leader
• Akira: Perhaps the next big thing in ransomware, says Tidal threat intelligence chief
• What is RansomHub? Looks like a Knight ransomware reboot

Intelbroker, a BreachForums moderator, has become notorious in data thievery circles after distributing information said to have been stolen during high-profile intrusions of big-name targets. Last month Europol admitted someone had broken into one of its user groups and exfiltrated files. In April, Home Depot confirmed a third-party slip-up led to staff data being leaked, and that same month the Pentagon said one of its partners had also been hit. Intelbroker put data obtained in all three incidents up for grabs on the dark web.

Of course, there's a big difference between claiming to have high-level information to sell and actually possessing it. And anyone interested in chip design would be out of their mind to look at the purportedly stolen AMD blueprints, so it's really not much use for engineers, though for phishers, fraudsters, unscrupulous investors, and others, it's perhaps valuable.

The clock is ticking for Intelbroker. Police around the world are gunning for BreachForums again and those who use it. With so many high-profile digital burglaries, the scumbag will have a target on their back - particularly since they also claim to have handled data stolen from the US Army Missile Command, and the Green Machine isn't known for forgiving and forgetting. ®

Updated to add on June 20

AMD in a statement to the media has sought to downplay the theft, saying it believes "a limited amount of information related to specifications used to assemble certain AMD products was accessed on a third-party vendor site."

Meanwhile, Intelbroker is now peddling internal data supposedly stolen from Apple, which may or may not be a damp squib.