{"id":39560,"date":"2021-02-12T23:28:36","date_gmt":"2021-02-12T23:28:36","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/"},"modified":"2021-02-12T23:28:36","modified_gmt":"2021-02-12T23:28:36","slug":"supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/","title":{"rendered":"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg"},"content":{"rendered":"<p>Following up on a disputed 2018 claim in its BusinessWeek publication that tiny spy chips were found on Supermicro server motherboards in 2015, Bloomberg on Friday doubled down by asserting that Supermicro&#8217;s products were targeted by Chinese operatives for over a decade, that US intelligence officials have been aware of this, and that authorities kept this information quiet while crafting defenses in order to study the attack.<\/p>\n<p>&#8220;China\u2019s exploitation of products made by Supermicro, as the US company is known, has been under federal scrutiny for much of the past decade, according to 14 former law enforcement and intelligence officials familiar with the matter,&#8221; states Bloomberg in <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.bloomberg.com\/features\/2021-supermicro\/\">its report<\/a>, said to rely on interviews with more than 50 sources, mostly unnamed, in government and the private sector.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",button,mpu,\" data-sm=\",button,mpu,\" data-md=\",button,banner_plus,mpu\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The article \u2013 a follow-on to BusinessWeek&#8217;s <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.bloomberg.com\/news\/features\/2018-10-04\/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies\">2018 spy chip bombshell<\/a> \u2013 cites three specific incidents: the 2010 discovery by the Defense Department that thousands of its computers were sending military network data to China due to code hidden in chips that handle the server startup process; rival chipmaker Intel&#8217;s discovery in 2014 that a Chinese hacking group penetrated its network via a server that fetched malware from an unidentified supplier&#8217;s update site; and a 2015 warning issued by the FBI to multiple companies that Chinese agents had hidden an extra chip with backdoored code on one manufacturer&#8217;s servers.<\/p>\n<p>In other words, Bloomberg has expanded its claim that chips containing malicious spyware were added to Supermicro server motherboards, to also include word of malicious alterations to BIOS-level software to load and run surveillance code hidden in firmware, and to attacks on other vendors.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",button,mpu_plusplus,\" data-sm=\",button,mpu_plusplus,\" data-md=\",button,mpu_plusplus,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<h3 class=\"crosshead\"> <span>Beijing blues<\/span><br \/>\n<\/h3>\n<p>According to Bloomberg, the common threads in these incidents are China, Supermicro, and unspecified discoveries by &#8220;US spymasters,&#8221; that were not widely disclosed.<\/p>\n<p>The report goes on to claim that an FBI counterintelligence operation began in 2012, in which warrants under the Foreign Intelligence Surveillance Act were obtained to surveil a set of Supermicro employees. But the story further says that while it&#8217;s unclear whether this investigation remains ongoing, the Feds began working with people in the private sector to analyze these purported spy chips that had been secreted onto circuit boards.<\/p>\n<p>The scenario is not entirely implausible to some in the security industry. &#8220;In the hierarchy of cyber attack techniques preferred by intelligence agencies, the highest levels attacks are those that are persistent even when machines are turned off and software is reloaded,&#8221; said Alan Paller, director of research at the SANS Institute and president of the SANS Technology Institute, in an email to <i>The Register<\/i>. &#8220;A malicious chip is the simplest solution. Simple solutions work.&#8221;<\/p>\n<p>After all, even the NSA <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2015\/03\/18\/want_to_dodge_nsa_supply_chain_taps_ask_cisco_for_a_dead_drop\/\" rel=\"noopener noreferrer\">ran its own chop shops<\/a>, adding backdoors to IT gear as it was shipped across the world.<\/p>\n<p>Supermicro, as you might expect, has dismissed today&#8217;s story in <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.supermicro.com\/en\/pressreleases\/supermicro-statement-bloombergs-claims\">a lengthy statement<\/a>. It said in part:<\/p>\n<p>To date, no one has presented any public evidence these spy chips exist: no one&#8217;s pointed at board and told the world, there, that&#8217;s the spy chip. And many respected security mavens, including Google&#8217;s Travis Ormandy have expressed <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/twitter.com\/taviso\/status\/1360272443118477314?s=20\">deep skepticism<\/a> of Bloomberg&#8217;s claims. Then there are <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2018\/10\/04\/supermicro_bloomberg\/\" rel=\"noopener noreferrer\">the denials<\/a> issued two years ago that Supermicro cites in its statement, from then-Director of National Intelligence Dan Coats, and FBI Director Christopher Wray. Apple and Amazon played down any suggestion that Supermicro systems infected with surveillance chips made it into production.<\/p>\n<p>Yet the Bloomberg report today does provide a named source, Mukul Kumar, who as chief security officer for FPGA designer Altera claims to have learned of such a spy chip during an unclassified briefing. \u201cThis was espionage on the board itself,&#8221; he is quoted as saying. &#8220;There was a chip on the board that was not supposed to be there that was calling home \u2014 not to Supermicro but to China.&#8221;<\/p>\n<p><i>The Register<\/i> spoke with a former executive at a major semiconductor company who asked not to be named, about the plausibility that the subverted silicon cited in the Bloomberg report might exist and we were surprised to find that he found it credible.<\/p>\n<p>&#8220;I have physically held evidence in my hands,&#8221; he said with regard to the existence of compromised hardware. &#8220;I have seen it from multiple governments.&#8221;<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2017\/03\/07\/shutterstock_cyber_spy_hacker.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"supermicro\"><\/p>\n<h2 title=\"Who's your money on? Bloomberg's sources? Apple? Amazon? Supermicro?\">Decoding the Chinese Supermicro super spy-chip super-scandal: What do we know \u2013 and who is telling the truth?<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2018\/10\/04\/supermicro_bloomberg\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>China, Israel, and the UK have excelled at these operations, he said, with France, Germany, and Russia also involved but, in his view, somewhat less capable in terms of hardware subversion.<\/p>\n<p>Such attacks absolutely do happen, our source said, adding that there are government contracts seeking to study subverted hardware attacks so they can be replicated and improved upon. However, they&#8217;re generally not directed at the public, he said. Rather they&#8217;re focused on obtaining access to critical systems, on developing durable national security assets.<\/p>\n<p>If a Chinese chip has indeed been identified, he said, then those involved in the operation messed up by not spending the resources to hide it better.<\/p>\n<p>Software attacks are easier, he said, but they&#8217;re also easier to inspect. The complexity of hardware makes implants harder to find. In modern cell phone chips, for example, he said, you can implant silicon in the circuit board and then add chips on top of that to make the alteration less obvious.<\/p>\n<p>&#8220;If you create something that should not be there, the x-ray inspector can discover it,&#8221; he said. &#8220;But if it&#8217;s changing the shape and size of existing silicon slightly, that&#8217;s harder to inspect. It&#8217;s not difficult to add a little circuitry and have no material difference in observability.&#8221;<\/p>\n<p>&#8220;It&#8217;s important to have an awareness of the kinds of things that happen in order to motivate industry to make changes and ultimately keep people safe,&#8221; our source said.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",button,dbutton,mpu_plus,dmpu,\" data-sm=\",button,dbutton,mpu_plus,dmpu,\" data-md=\",button,dbutton,mpu_plus,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p><i>The Register<\/i> asked Supermicro whether it is considering litigation against Bloomberg. A spokesperson for the company was non-committal, saying only that the manufacturer is reviewing the story and considering its options. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2021\/02\/12\/supermicro_bloomberg_spying\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Server maker says latest article is &#8216;a mishmash of disparate allegations&#8217; Following up on a disputed 2018 claim in its BusinessWeek publication that tiny spy chips were found on Supermicro server motherboards in 2015, Bloomberg on Friday doubled down by asserting that Supermicro&#8217;s products were targeted by Chinese operatives for over a decade, that US intelligence officials have been aware of this, and that authorities kept this information quiet while crafting defenses in order to study the attack.\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-39560","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-02-12T23:28:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg\",\"datePublished\":\"2021-02-12T23:28:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/\"},\"wordCount\":1022,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/\",\"name\":\"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2021-02-12T23:28:36+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/","og_locale":"en_US","og_type":"article","og_title":"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-02-12T23:28:36+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg","datePublished":"2021-02-12T23:28:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/"},"wordCount":1022,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/","url":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/","name":"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2021-02-12T23:28:36+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YCddCkGtUfSTy84iH5RY5AAAANQ&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/supermicro-spy-chips-the-sequel-it-really-really-happened-and-with-bad-bios-and-more-insists-bloomberg\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Supermicro spy chips, the sequel: It really, really happened, and with bad BIOS and more, insists Bloomberg"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=39560"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39560\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=39560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=39560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=39560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}