Chinese Government Allegedly Used Supermicro Motherboards to Spy on US Enterprises

btarunr · Oct 4, 2018

In a development that underlines the national security necessity of moving electronics manufacturing out of China, server motherboards made by Supermicro in China, have been found to carry a "spy chip." This startling development is the result of a secret 2015 US Government investigation unearthed by Bloomberg. The Chinese government has allegedly been using hardware-based spyware in Supermicro motherboards that are manufactured in China; to spy on major American enterprises, including (but not limited to) Amazon Web Services and Apple, among others, who use Supermicro motherboards in their data-centers. The level of surveillance includes attempts to steal trade-secrets and intellectual property.

Fearing loss in business, affected cloud-computing providers, including AWS and Apple, have each posted strong denials that their hardware infrastructure is vulnerable to foreign government surveillance. Apple stated: "We are deeply disappointed that in their dealings with us, Bloomberg's reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple."

Amazon Web Services (AWS) stated: "As we shared with Bloomberg BusinessWeek multiple times over the last couple months, at no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any Elemental or Amazon systems.‎" The entity in the middle of the storm, the Chinese Government, posted a more restrained and cryptic denial. "China is a resolute defender of cybersecurity," said a Chinese Foreign Ministry spokesperson.

View at TechPowerUp Main Site

eidairaman1 · Oct 4, 2018

Well Supermicro will now be banned from the U.S.

What about Tyan?

R-T-B · Oct 4, 2018

Damn, I was starting to like Supermicro. I am curious what the actual chip is. If this is true, that should be easy to admit, and silence critics.

btarunr · Oct 4, 2018

R-T-B said:
Damn, I was starting to like Supermicro. I am curious what the actual chip is. If this is true, that should be easy to admit, and silence critics.

I'd point my finger at the IPMI chip.

Imagine the fountain of possibilities spouted by a compromised IPMI + iKVM + VGA chip with its own network interface.

R-T-B · Oct 4, 2018

btarunr said:
I'd point my finger at the IPMI chip.

I'd bet on that too but would prefer an official statement.

PerfectWave · Oct 4, 2018

wasnt china scare to be spyed by us when importing server from usa?

xkm1948 · Oct 4, 2018

Meanwhile I am pretty sure NSA has been spying on everyone using the now known CPU exploits. Pot calling kettle black.

Divide Overflow · Oct 4, 2018

My company won't touch networking, computer or telecommunications equipment manufactured in China.
While savings matter, your security is on the line.

R-T-B · Oct 4, 2018

xkm1948 said:
Meanwhile I am pretty sure NSA has been spying on everyone using the now known CPU exploits. Pot calling kettle black.

No, that's a tinfoil hat theory if you really understand the exploits. Spectre really isn't suitable for that unless you have about 10 years to acquire 10MBs.

TheoneandonlyMrK · Oct 4, 2018

R-T-B said:
No, that's a tinfoil hat theory if you really understand the exploits. Spectre really isn't suitable for that unless you have about 10 years to acquire 10MBs.

That's a bit missguided in a way, they don't need 10MB , just a few K's worth of key data and their on legit but i get and agree it's not a very workable initial intrusion.

R-T-B · Oct 4, 2018

theoneandonlymrk said:
That's a bit missguided in a way, they don't need 10MB , just a few K's worth of key data and their on legit but i get and agree it's not a very workable initial intrusion.

I mean that was just an example. Getting ANY data from a chosen point is fiendishly difficult.

BumbleBee · Oct 4, 2018

Chinese make really good food.... I'm just sayin'

the54thvoid · Oct 4, 2018

xkm1948 said:
Meanwhile I am pretty sure NSA has been spying on everyone using the now known CPU exploits. Pot calling kettle black.

Yup.

Every major power spies on every other one. The US was caught at it with its Western allies a few years ago (wikileaks?). Our own GCHQ is no Saint either.
Also, the companies concerned have stated it's not quite like Bloomberg says.

hat · Oct 4, 2018

the54thvoid said:
Also, the companies concerned have stated it's not quite like Bloomberg says.

A likely response, don't you think?

R0H1T · Oct 4, 2018

PerfectWave said:
wasnt china scare to be spyed by us when importing server from usa?

The Chinese, mainly CCP, are lying hypocrites ~ news @11 :laugh:

R-T-B said:
No, that's a tinfoil hat theory if you really understand the exploits. Spectre really isn't suitable for that unless you have about 10 years to acquire 10MBs.

Depends on the exploit, there's also meltdown & a few others like SGX & possibly another huge one that'll be revealed later this year :confused:

TheLostSwede · Oct 4, 2018

BumbleBee said:
Chinese make really good food.... I'm just sayin'

You mean this stuff?

On topic, I'd suggest reading the source article - https://www.bloomberg.com/news/feat...ny-chip-to-infiltrate-america-s-top-companies
They have some interesting graphics showing where on the boards the chip was found and some additional details about it.
It just doesn't sound that plausible, there must be more to it, as the size of the chip suggests it can't do much, but maybe it doesn't need to?

The Terrible Puddle · Oct 4, 2018

So Amazon and Apple are quick to come out and defend China

R0H1T · Oct 4, 2018

The Terrible Puddle said:
So Amazon and Apple are quick to come out and defend China

No they're defending themselves because if god forbid they knew about this, then they could be sued into oblivion & not just in the US, not to mention their brands would forever be tarnished.

R-T-B · Oct 4, 2018

the54thvoid said:
Yup.

Every major power spies on every other one. The US was caught at it with its Western allies a few years ago (wikileaks?). Our own GCHQ is no Saint either.
Also, the companies concerned have stated it's not quite like Bloomberg says.

I agree, just not with the idea that Spectre was being used. I am certain something was though.

Frick · Oct 4, 2018

btarunr said:
I'd point my finger at the IPMI chip.

Imagine the fountain of possibilities spouted by a compromised IPMI + iKVM + VGA chip with its own network interface.

That's the consensus.

TheLostSwede said:
It just doesn't sound that plausible, there must be more to it, as the size of the chip suggests it can't do much, but maybe it doesn't need to?

If all it does is giving them control over the BMC ... that is quite enough for many things to be done.

TheoneandonlyMrK · Oct 4, 2018

Frick said:
That's the consensus.

If all it does is giving them control over the BMC ... that is quite enough for many things to be done.

Kind of like dells server issues atm.

Frick · Oct 4, 2018

theoneandonlymrk said:
Kind of like dells server issues atm.

What issues are those?

TheoneandonlyMrK · Oct 4, 2018

Frick said:
What issues are those?

Said that they have older generation dmc (?i think that's what their called but network admin pc in the backend)hacked firmware issues

StrayKAT · Oct 4, 2018

lol.. damn. X299 Supermicro owner here. Hopefully it isn't affected. It may be Taiwan made.

edit: Reading more about it just pisses me off. Even as a customer, I hope they get crushed and China isolated even more as well.

Apple also deserves a beating.

"Three senior insiders at Apple say that in the summer of 2015, it, too, found malicious chips on Supermicro motherboards. Apple severed ties with Supermicro the following year, for what it described as unrelated reasons."

https://www.bloomberg.com/news/feat...ny-chip-to-infiltrate-america-s-top-companies

edit: Maybe this is a wakeup call to manufacture more in US..... or at least with it's ALLIES. Ugh. If SM decides to do that, I may not remain pissed.

R-T-B · Oct 4, 2018

I'm calling BS somewhere in that bloomberg article... big time. Some of the things they are claiming just aren't feasible (unless China has a secret 2nm node or something)...

Probable that some of it is true, but the part of it claiming that a chip the size of a SMD has a full CPU and network stack, capable of modifying modern 32-bit OS cores? Lol, no. It's piggybacking off something else, probably the IPMI. It makes me wonder how much else is lost in translation..

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	ASUS ROG Strix B450-E Gaming
Cooling	DeepCool Gammax L240 V2
Memory	2x 8GB G.Skill Sniper X
Video Card(s)	Palit GeForce RTX 2080 SUPER GameRock
Storage	Western Digital Black NVMe 512GB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	PCGOD
Processor	AMD FX 8350@ 5.0GHz
Motherboard	Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling	Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory	16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s)	AMD Radeon 290 Sapphire Vapor-X
Storage	Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s)	NEC Multisync LCD 1700V (Display Port Adapter)
Case	AeroCool Xpredator Evil Blue Edition
Audio Device(s)	Creative Labs Sound Blaster ZxR
Power Supply	Seasonic 1250 XM2 Series (XP3)
Mouse	Roccat Kone XTD
Keyboard	Roccat Ryos MK Pro
Software	Windows 7 Pro 64

System Name	Pioneer
Processor	Ryzen R9 9950X
Motherboard	GIGABYTE Aorus Elite X670 AX
Cooling	Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory	64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64 / Windows 11 Enterprise IoT 2024

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	ASUS ROG Strix B450-E Gaming
Cooling	DeepCool Gammax L240 V2
Memory	2x 8GB G.Skill Sniper X
Video Card(s)	Palit GeForce RTX 2080 SUPER GameRock
Storage	Western Digital Black NVMe 512GB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	Pioneer
Processor	Ryzen R9 9950X
Motherboard	GIGABYTE Aorus Elite X670 AX
Cooling	Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory	64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64 / Windows 11 Enterprise IoT 2024

Chinese Government Allegedly Used Supermicro Motherboards to Spy on US Enterprises

btarunr

Editor & Senior Moderator

eidairaman1

The Exiled Airman

R-T-B

btarunr

Editor & Senior Moderator

R-T-B

PerfectWave

xkm1948

Divide Overflow

R-T-B

TheoneandonlyMrK

R-T-B

BumbleBee

the54thvoid

Super Intoxicated Moderator

hat

Enthusiast

R0H1T

TheLostSwede

News Editor

The Terrible Puddle

R0H1T

R-T-B

Frick

Fishfaced Nincompoop

TheoneandonlyMrK

Frick

Fishfaced Nincompoop

TheoneandonlyMrK

StrayKAT

R-T-B

System Name	Gaming PC / I7 XEON
Processor	I7 4790K @stock / XEON W3680 @ stock
Motherboard	Asus Z97 MAXIMUS VII FORMULA / GIGABYTE X58 UD7
Cooling	X61 Kraken / X61 Kraken
Memory	32gb Vengeance 2133 Mhz / 24b Corsair XMS3 1600 Mhz
Video Card(s)	Gainward GLH 1080 / MSI Gaming X Radeon RX480 8 GB
Storage	Samsung EVO 850 500gb ,3 tb seagate, 2 samsung 1tb in raid 0 / Kingdian 240 gb, megaraid SAS 9341-8
Display(s)	2 BENQ 27" GL2706PQ / Dell UP2716D LCD Monitor 27 "
Case	Corsair Graphite Series 780T / Corsair Obsidian 750 D
Audio Device(s)	ON BOARD / ON BOARD
Power Supply	Sapphire Pure 950w / Corsair RMI 750w
Mouse	Steelseries Sesnsei / Steelseries Sensei raw
Keyboard	Razer BlackWidow Chroma / Razer BlackWidow Chroma
Software	Windows 1064bit PRO / Windows 1064bit PRO

System Name	Virtual Reality / Bioinformatics
Processor	Undead CPU
Motherboard	Undead TUF X99
Cooling	Noctua NH-D15
Memory	GSkill 128GB DDR4-3000
Video Card(s)	EVGA RTX 3090 FTW3 Ultra
Storage	Samsung 960 Pro 1TB + 860 EVO 2TB + WD Black 5TB
Display(s)	32'' 4K Dell
Case	Fractal Design R5
Audio Device(s)	BOSE 2.0
Power Supply	Seasonic 850watt
Mouse	Logitech Master MX
Keyboard	Corsair K70 Cherry MX Blue
VR HMD	HTC Vive + Oculus Quest 2
Software	Windows 10 P

Processor	Ryzen 9 5900X
Motherboard	Gigabyte X570 Aorus Master
Cooling	ARCTIC Liquid Freezer III 360 A-RGB
Memory	32 GB Ballistix Elite DDR4-3600 CL16
Video Card(s)	XFX 6800 XT Speedster Merc 319 Black
Storage	Sabrent Rocket NVMe 4.0 1TB
Display(s)	LG 27GL850B x 2 / ASUS MG278Q
Case	be quiet! Silent Base 802
Audio Device(s)	Sound Blaster AE-7 / Sennheiser HD 660S
Power Supply	Seasonic Vertex PX-1200
Software	Windows 11 Pro 64

System Name	RyzenGtEvo/ Asus strix scar II
Processor	Amd R5 5900X/ Intel 8750H
Motherboard	Crosshair hero8 impact/Asus
Cooling	360EK extreme rad+ 360$EK slim all push, cpu ek suprim Gpu full cover all EK
Memory	Corsair Vengeance Rgb pro 3600cas14 16Gb in four sticks./16Gb/16GB
Video Card(s)	Powercolour RX7900XT Reference/Rtx 2060
Storage	Silicon power 2TB nvme/8Tb external/1Tb samsung Evo nvme 2Tb sata ssd/1Tb nvme
Display(s)	Samsung UAE28"850R 4k freesync.dell shiter
Case	Lianli 011 dynamic/strix scar2
Audio Device(s)	Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply	corsair 1200Hxi/Asus stock
Mouse	Roccat Kova/ Logitech G wireless
Keyboard	Roccat Aimo 120
VR HMD	Oculus rift
Software	Win 10 Pro
Benchmark Scores	8726 vega 3dmark timespy/ laptop Timespy 6506

Processor	Intel Core i5-3570K
Motherboard	Asus P8Z77-V Pro
Cooling	Noctua NH-D14
Memory	8GB Mushkin Blackline DDR3-1600
Video Card(s)	Gigabyte GTX 670
Storage	Intel 520 60GB, Seagate Barracuda XT 2TB
Display(s)	BenQ 24" XL2420T
Case	Corsair 550D
Audio Device(s)	Sennheiser HD600, Audeze LCD-3F, Mytek Stereo 192 DSD, La Figaro 339, Burson HA-160, Geek Pulse X
Power Supply	Corsair AX650
Mouse	steelseries Sensei MLG edition
Keyboard	Cooler Master QuickFire Pro
Software	Windows 7 64-bit Home Premium

Processor	Ryzen 7800X3D
Motherboard	MSI MAG Mortar B650 (wifi)
Cooling	be quiet! Dark Rock Pro 4
Memory	32GB Kingston Fury
Video Card(s)	Gainward RTX4070ti
Storage	Seagate FireCuda 530 M.2 1TB / Samsumg 960 Pro M.2 512Gb
Display(s)	LG 32" 165Hz 1440p GSYNC
Case	Asus Prime AP201
Audio Device(s)	On Board
Power Supply	be quiet! Pure POwer M12 850w Gold (ATX3.0)
Software	W10

System Name	Starlifter :: Dragonfly
Processor	i7 2600k 4.4GHz :: i5 10400
Motherboard	ASUS P8P67 Pro :: ASUS Prime H570-Plus
Cooling	Cryorig M9 :: Stock
Memory	4x4GB DDR3 2133 :: 2x8GB DDR4 2400
Video Card(s)	PNY GTX1070 :: Integrated UHD 630
Storage	Crucial MX500 1TB, 2x1TB Seagate RAID 0 :: Mushkin Enhanced 60GB SSD, 3x4TB Seagate HDD RAID5
Display(s)	Onn 165hz 1080p :: Acer 1080p
Case	Antec SOHO 1030B :: Old White Full Tower
Audio Device(s)	Creative X-Fi Titanium Fatal1ty Pro - Bose Companion 2 Series III :: None
Power Supply	FSP Hydro GE 550w :: EVGA Supernova 550
Software	Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores	>9000

System Name	Overlord Mk MLI
Processor	AMD Ryzen 7 7800X3D
Motherboard	Gigabyte X670E Aorus Master
Cooling	Noctua NH-D15 SE with offsets
Memory	32GB Team T-Create Expert DDR5 6000 MHz @ CL30-34-34-68
Video Card(s)	Gainward GeForce RTX 4080 Phantom GS
Storage	1TB Solidigm P44 Pro, 2 TB Corsair MP600 Pro, 2TB Kingston KC3000
Display(s)	Acer XV272K LVbmiipruzx 4K@160Hz
Case	Fractal Design Torrent Compact
Audio Device(s)	Corsair Virtuoso SE
Power Supply	be quiet! Pure Power 12 M 850 W
Mouse	Logitech G502 Lightspeed
Keyboard	Corsair K70 Max
Software	Windows 10 Pro
Benchmark Scores	https://valid.x86.fr/yfsd9w

System Name	Black MC in Tokyo
Processor	Ryzen 5 7600
Motherboard	MSI X670E Gaming Plus Wifi
Cooling	Be Quiet! Pure Rock 2
Memory	2 x 16GB Corsair Vengeance @ 6000Mhz
Video Card(s)	XFX 6950XT Speedster MERC 319
Storage	Kingston KC3000 1TB \| WD Black SN750 2TB \|WD Blue 1TB x 2 \| Toshiba P300 2TB \| Seagate Expansion 8TB
Display(s)	Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case	Fractal Design Define R4
Audio Device(s)	Plantronics 5220, Nektar SE61 keyboard
Power Supply	Corsair RM850x v3
Mouse	Logitech G602
Keyboard	Dell SK3205
Software	Windows 10 Pro
Benchmark Scores	Rimworld 4K ready!

System Name	Grunt
Processor	Ryzen 5800x
Motherboard	Gigabyte x570 Gaming X
Cooling	Noctua NH-U12A
Memory	Corsair LPX 3600 4x8GB
Video Card(s)	Gigabyte 6800 XT (reference)
Storage	Samsung 980 Pro 2TB
Display(s)	Samsung CFG70, Samsung NU8000 TV
Case	Corsair C70
Power Supply	Corsair HX750
Software	Win 10 Pro