Investigation Into Supermicro's Server Motherboards Finds No Malicious Spy Hardware

In October, a report by Bloomberg claimed that spies working for the Chinese government had inserted microchips on Supermicro server motherboards to spy on customers, which Bloomberg reported as affecting Apple and nearly 30 companies in total. Today, the outside investigations firm hired by Supermicro reported its findings, confirming that there is no evidence of any malicious hardware in current or old Supermicro server motherboards, including those used by Apple for iCloud (via Reuters).

Supermicro denied the allegations made in the Bloomberg report when it came out, and in today's letter to its customers said it was not surprised by the new findings. The investigation was performed by global firm Nardello & Co., which tested samples of motherboards in current production, as well as versions that were specifically sold to Apple and Amazon since both of those companies were mentioned directly by Bloomberg.

Nardello & Co. also examined software and design files, and didn't find any unauthorized components or signals being sent out from Supermicro. Customers interested will be able to ask for more details about the investigation, and Supermicro as of now is still reviewing its legal options following the investigation.

The day that "The Big Hack" article came out, Apple quickly released a statement, denying all claims made about the microchips spying on customers. "On this we can be very clear: Apple has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server," Apple said in its statement.

Eventually both Apple CEO Tim Cook and Supermicro CEO Charles Liang called on Bloomberg to retract the story. Talking to BuzzFeed News, Cook said there is "no truth" to Bloomberg's claims about Apple. As of today, the story remains online.