In July 2019, to celebrate its 50th anniversary, AMD released its Radeon RX 5000 series powered by ‘Navi’ GPUs (Graphics Processing Unit). The source code for these devices is extremely sensitive and considered secret but perhaps not for much longer.
This week rumors began to circulate that an unnamed individual had somehow obtained the source for Navi 10, Navi 21 and Arden devices, the latter representing the rumored GPU for the yet-to-be-released Xbox Series X. Confirming whether such leaks are genuine is difficult but yesterday AMD took action which tends to support the theory.
In a DMCA notice sent to development platform Github, AMD identified the recently-created ‘xxXsoullessXxx’ repository and a project titled “AMD-navi-GPU-HARDWARE-SOURCE” as the location of its “stolen” intellectual property.
“This repository contains intellectual property owned by and stolen from AMD,” the semiconductor company wrote. “The original IP is held privately and was stolen from AMD.”
Github responded by immediately taking the repository down, as per AMD’s request. That prompted us to try and find the person behind the repo and to ask some questions about what AMD was trying to suppress. The individual informed TorrentFreak that AMD’s GPU source code was the content in question. (Responses edited for clarity)
“In November 2019, I found AMD Navi GPU hardware source codes in a hacked computer,” the person explained. “The user didn’t take any effective action against the leak of the codes.”
Questioned further on the route of extraction, we were told that a combination of factors led to the leak.
“The source code was unexpectedly achieved from an unprotected computer//server through some exploits. I later found out about the files inside it. They weren’t even protected properly or even encrypted with anything which is just sad.”
The individual, who claims to be female, told us that the package included code for Navi 10 and Navi 21 devices. She also confirmed that the source for the Xbox Series X GPU ‘Arden’ was part of the haul.
When asked whether the person had spoken to AMD about the leak, the answer was negative.
“I haven’t spoken to AMD about it because I am pretty sure that instead of accepting their mistake and moving on, they will try to sue me. So why not just leak it to everyone?” we were told.
The alleged leaker further told us that one “source code packet” had already been released. Whether that is limited to the material made available via Github remains unclear but TF was able to find links to a file-hosting site where an archive claiming to be the content was stored. Given the potentially criminal route via which the content was obtained, we did not download the package.
That AMD is concerned about the leak was underlined once again late yesterday. Having indicated in its initial complaint to Github that the source couldn’t be found anywhere else, the company later backtracked, identifying at least four other locations on Github where the project had been forked. All of those repos have been taken down.
While taking down the repositories is a logical first step for AMD, the gravity of this leak is hard to underestimate. The claimed hacker told TF that she valued the source at $100m but how that calculation was arrived at is unknown. While AMD considers its next steps, an even bigger storm may be heading the company’s way.
“If I get no buyer I will just leak everything,” the leaker concluded, adding that the files would be secured with passwords that will only be handed out to select individuals.
Update: Statement from AMD
At AMD, data security and the protection of our intellectual property are a priority. In December 2019, we were contacted by someone who claimed to have test files related to a subset of our current and future graphics products, some of which were recently posted online, but have since been taken down.
While we are aware the perpetrator has additional files that have not been made public, we believe the stolen graphics IP is not core to the competitiveness or security of our graphics products. We are not aware of the perpetrator possessing any other AMD IP.
We are working closely with law enforcement officials and other experts as a part of an ongoing criminal investigation.