The chip allows attackers to use the servers as backdoors

Oct 4, 2018 16:31 GMT  ·  By  ·  Comment  · 
Share:             

Apple and Amazon denied knowledge of the microchips found Supermicro's server motherboards used as hardware backdoors into the networks of companies using them, as reported by Bloomberg Businessweek.

The servers containing the hardware backdoor have been bought by more than 30 companies, among them being Apple, Amazon, a major bank, and government contractors.

The grain of rice-sized microchip was initially found on Supermicro server motherboards in late spring 2015 by a third party company hired by Amazon Web Services (AWS) to do a background hardware check before using them for building a CIA highly secure cloud.

Subsequent investigations concluded that the microchip found on Supermicro's motherboards was used as a backdoor for accessing the network of any company using the tampered servers.

Furthermore, it was determined that the chips were added to the Supermicro motherboards while they were assembled in China by manufacturing subcontractors.

Official U.S. investigators came to the conclusion that the chips were embedded by People’s Liberation Army operatives, effectively turning Supermicro into the ideal mule for the perfect Chinese hardware-based spy toolkit.

Apple denies knowing about the compromised Supermicro servers or an official investigation regarding the issue

According to Bloomberg's report, Apple discovered the chips within servers bought from Supermicro in May 2015 when weird network activity was observed in their server farms as stated by two senior Apple insiders.

Apple reported the incident to the FBI but did not release any of the details publicly or within the company, although it removed around 7,000 Supermicro servers from their data centers in just a few weeks, subsequently completely parting ways with Supermicro in 2016.

That happened despite Apple supposedly planning to expand their Supermicro server fleet to 20,000 servers, spread across 17 locations worldwide, as Bloomberg learned from Apple insiders.

Both Apple and Amazon deny knowing about Supermicro's backdoored servers, as Cupertino "has never found malicious chips, ‘hardware manipulations’ or vulnerabilities purposely planted in any server," according to an Apple spokesperson.

"We have repeatedly and consistently offered factual responses, on the record, refuting virtually every aspect of Bloomberg’s story relating to Apple," also said the spokesperson in a mail sent to Bloomberg.

Photo Gallery (2 Images)

The malicious chip
The spy chip's location on a Supermicro motherboard
Open gallery
  Click to load comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy

Related Stories

Fresh Reviews

Latest News