Slashdot Mirror

← Back to Stories (view on slashdot.org)

First-Ever UEFI Rootkit Tied To Sednit APT (threatpost.com)

Posted by msmash on from the security-woes dept.

Researchers hunting cyber-espionage group Sednit (an APT also known as Sofacy, Fancy Bear and APT28) say they have discovered the first-ever instance of a rootkit targeting the Windows Unified Extensible Firmware Interface (UEFI) in successful attacks. From a report: The discussion of Sednit was part of the 35C3 conference, and a session given by Frederic Vachon, a malware researcher at ESET who published a technical write-up on his findings earlier this fall [PDF]. During his session, Vachon said that finding a rootkit targeting a system's UEFI is significant, given that rootkit malware programs can survive on the motherboard's flash memory, giving it both persistence and stealth.

"UEFI rootkits have been researched and discussed heavily in the past few years, but sparse evidence has been presented of real campaigns actively trying to compromise systems at this level," he said. The rootkit is named LoJax. The name is a nod to the underlying code, which is a modified version of Absolute Software's LoJack recovery software for laptops. The purpose of the legitimate LoJack software is to help victims of a stolen laptop be able to access their PC without tipping off the bad guys who stole it. It hides on a system's UEFI and stealthily beacons its whereabouts back to the owner for possible physical recovery of the laptop.

25 of 168 comments (clear)

  1. Phishing email or equivalent? by AHuxley · · Score: 2

    Still have to have that human interaction with a click.
    How long until this can be pushed down direct from a website?

    --
    Domestic spying is now "Benign Information Gathering"
  2. Re:APT? by Fly+Swatter · · Score: 5, Informative

    Yea, a definition would be quite apt here: Advanced Persistent Threat. (per wikipedia APT)

  3. Whatever happened to... by Anonymous Coward · · Score: 2, Insightful

    Whatever happened to requiring the insertion of a jumper on the motherboard to update the BIOS? That would stop this thing in its tracks.

    1. Re:Whatever happened to... by Fly+Swatter · · Score: 2

      Now don't go spouting things like common sense to manufacturers. This is the 21st century after all.. Also I was under the impression that many UEFI BIOS like to write to itself for settings and note taking (sigh) within the bios screen etc. That would require TWO flash chips so that one could be made write protected with a hardware jumper (hey those things are expensive).

    2. Re:Whatever happened to... by sjames · · Score: 5, Insightful

      This. Unlike old BIOS that only needed a few bytes to maintain configuration (commonly battery backed CMOS, but eeprom could be used) the latest abomination from Intel needs a full fledged read/write flash file system. To make it worse, unlike old BIOS where clearing the CMOS would recover from any mis-configuration, some implementations of EFI can be bricked.

      Now, from TFA, it turns out UEFI makes a dandy platform for persistent malware.

      So, NOW can we go back to BIOS and just make it unstand GPTs?

    3. Re:Whatever happened to... by nateman1352 · · Score: 4, Interesting

      As someone who writes BIOS for a living, no we can't go back to legacy BIOS at this point. Chipset initialization has gotten too complex to fit in the 1 MB of RAM allowed by 16 bit real mode. UEFI is actually a big upgrade for firmware engineers since it natively supports the C language and 64 bit long mode. None of the silicon released by Intel or AMD in the last 5 years would be bootable with 1 MB of RAM.

    4. Re:Whatever happened to... by UnknownSoldier · · Score: 2

      > Chipset initialization has gotten too complex to fit in the 1 MB of RAM

      8-bit machines only need a few KB for this. WTF are you guys doing that you need more then 1024 KB ???

    5. Re:Whatever happened to... by sjames · · Score: 4, Interesting

      As another (former) BIOS writer, why not pop it into flat-32 and go from there? Implementing a complex API complete with a file system seems a bit much for something that will run just long enough to call a boot loader.

      IIRC, a number of BIOS do, in fact, go into flat-32 mode. The big catch to using C is not the size of the flash chip, it's the need to have space for the stack before you get memory up. That is handily solved by configuring the CPU to use it's cache as a temporary RAM long enough to get the actual RAM up.

      CoreBOOT + SeaBIOS manage to be implemented mostly in C and work just fine. Most server boards still manage to implement "Legacy boot mode".

    6. Re: Whatever happened to... by sjames · · Score: 4, Interesting

      Unfortunately, UEFI appears to be insecure by design. So, step one, shred UEFI and secure wipe it's source.

      CoreBoot has a nice modern design that works. The only thing holding it back is lack of vendor support.

      A minimalist extension of the old BIOS system to go to flat 32 bit mode ASAP, and load a bootloader the same way old BIOS does comes to mind. If necessary, expand the CMOS a bit, but under no circumstances allow it to contain code, just settings. And like the old BIOS, if the CMOS doesn't pass a checksum, write sane defaults to it. Writing to the flash should never be needed for normal operation, write should need to be enabled ONLY if a BIOS update is needed, and that should be a very rare event.

      A wishlist item is that all of the "secret sauce" that requires vendor support and NDAs should be packed into one section and when it is complete, it should simply jump into a well known location to take care of loading the boot loader. Do NOT implement a memory allocator, filesystem, word processor or Eliza in BIOS. Rule 1, the system must operate normally if writing to flash is disabled.

    7. Re:Whatever happened to... by houghi · · Score: 2

      And it us unpossible to write a BIOS in anything but 1MB chips, e.g. in 2MB or 640MB chips?

      I now have some sort of BIOS, that tries to do everything, so I can run a bootloader, that tries to do everything, so I can launch a destop manager, that tries to do everything, to have a browser, that tries to do everything visit a page, that tries to do everything.

      --
      Don't fight for your country, if your country does not fight for you.
    8. Re:Whatever happened to... by sjames · · Score: 3, Interesting

      Those functions (when wanted) should be provided by a bootloader like object that gets loaded by the BIOS. So far, the biggest use of secure boot seems to be making sure your computer doesn't do things you want it to if the *IAA don't want it to.

      Meanwhile, other architectures don't use EFI and I see no signs that any want to, so that makes platform independant boot ROMS a bit pointless. If wanted, that could be bolted on as well.

    9. Re:Whatever happened to... by sjames · · Score: 2

      The correct way to protect the BIOS is a jumper that has to be set to enable writing/erasing the flash. End of story.

      The old BIOS already managed to init the CPU, init the memory controller, init the memory, and provide enough setup of PCI devices to find the boot loader or jump to PXE.

      I have actually written boot firmware. Most of those complex things beyond what I mentioned above are complex because they don't belong in the boot firmware at all.

    10. Re:Whatever happened to... by AmiMoJo · · Score: 2

      That's basically what happens, the UEFI loads the Secure Boot module which then verifies the boot files. Obviously the Secure Boot module has to be in the UEFI where it can't be modified by malware, or it wouldn't work.

      It's widely used to prevent infection by rootkit. By validating the OS boot files with a public key they can't be modified by a rootkit.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    11. Re:Whatever happened to... by rahvin112 · · Score: 2

      UEFI/EFI is coming to an ARM platform near you. It's needed for ARM to support server type capabilities and IIRC ARM plans to implement it across all future products to make it possible for their platform to expand into the server market.

      UEFI is here to stay. Personally I'd prefer coreboot but no one supports coreboot and the manufactures don't like it because they can't brand it as easily as UEFI can be.

    12. Re:Whatever happened to... by sjames · · Score: 2

      So why not throw the excess plumbing away and just have the BIOS call the secure boot module?

      EFI isn't needed for that, it just happens to be where it was implemented.

  4. Same old mistakes, made again and again and again by gweihir · · Score: 2

    I am really tired of everything new being broken. We do know how to do this better. Why are these severe mistakes still being made?

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  5. The state of IT is a tragedy by Anonymous Coward · · Score: 5, Insightful

    Anyone with a working brain can see that non-removable persistent storage on the mainboard, that can be written from inside a running OS and only be inspected under the control of the software in that storage, is an extraordinarily stupid mistake. Then there are a variety of "management" systems (SMM, IME, ...) which also evade inspection and have full access to everything. The most trustworthy computers these days are small embedded processors (but not phones!). Desktop systems and laptops can practically not be secured. If there is a possibility of a hack, there is no reliable way to restore the system to a safe state.

  6. Re:Same old mistakes, made again and again and aga by 110010001000 · · Score: 3, Funny

    Don't worry. AI and autonomous driving and quantum computing are right around the corner. That will fix all these issues.

  7. UEFI and persistent code by Anonymous Coward · · Score: 3, Insightful

    So UEFI allows persistent code to exist in it from a 3rd party for example these laptop security/tracking apps? Who didn't think this would eventually be abused by malware or some 3 letter agency?

    What's even better than the malware back in the day that would attempt to modify known BIOS code, or maybe brick a BIOS it didn't know? A known documented API into UEFI that allows for "sanctioned" persistent code! yay!

    UEFI and IME sounds like a 3 letter agencies wet dream.

  8. Re:Same old mistakes, made again and again and aga by ctilsie242 · · Score: 3, Interesting

    Money. To a lot of companies, the top brass feels that security gives zero return to them, so they skimp as much as possible on it. In fact, the faster they can rush a product out the door, no matter how many odious show-stopping bugs, the better.

    I wish we had something like Underwriter's Laboratories, except for computer product security, and security in the correct ways, as most companies only focus on security against the intended user, so a broken device can't be reflashed with custom firmware and made useful again. Or perhaps, take that one step further and go with a Sold Secure like system, where products are white-box tested, black box tested, source code is audited, chip supplies are audited, and so on. Of course, the downside here is regulatory capture, but if this is a multinational organization with people who are not beholden to one country, this could be an acceptable solution.

    Until this, or some regulatory system is in place, these compromises will only happen more often, as one attack based on UEFI allows others to happen, and we have only seen the start persistant threats. Things like ransomware that quietly encrypts files via a transparant driver, so even backups have the files encrypted, then a certain date elapses, and the decryption keys are chucked, all drives are ATA locked and the machine puts up a message demanding whatever currency is in fashion (Bitcoins, e-Gold, etc.)

  9. Re:Same old mistakes, made again and again and aga by phantomfive · · Score: 2

    Because software teams only fix critical and important bugs. They have tons of bugs left in their bug tracker, and some of them happen to be security bugs.

    --
    "First they came for the slanderers and i said nothing."
  10. By enabling Secure Boot ... by benjymouse · · Score: 2

    By enabling Secure Boot, and making sure their UEFI firmware is up to date, end users can protect themselves against attack, Vachon said.

    This rootkit is *NOT* a bypass of secure boot. If UEFI Secure Boot is enabled, unsigned UEFI modules cannot be installed into the UEFI firmware configuration.

    We've seen BIOS rootkits before. This is just an UEFI version of the same concept, except UEFI Secure Boot does exactly what it is supposed to do: Prevent unauthorized updating of the firmware.

    --
    Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
  11. Complete video of talk by stefanb · · Score: 2

    is available, like most of the talks for 35c3, on media.ccc.de: https://media.ccc.de/v/35c3-95...

  12. Re: So... by TheRaven64 · · Score: 2

    A jumper on the board would do that, and restrict upgrades to people who know at least the basics of hardware maintenance.

    The firmware is right at the root of your trusted computing base. If you require opening up the case and moving a jumper in every machine to push out an update, then most people are never going to do it. This means that, if there's a security vulnerability then it will never be patched for 95% of users. Given that BIOS vendors are responsible for some of the worst code in production, which is often able to be attacked over the network or via USB, do you really think that this would improve security?

    --
    I am TheRaven on Soylent News
  13. Re:Same old mistakes, made again and again and aga by AmiMoJo · · Score: 2

    Actually things are much, much better than they used to be.

    This attack requires the user to first compromise the OS in order to attack the UEFI firmware, so they need multiple unpatched vulnerabilities. Realistically that means either tricking the user into running some malware or getting through the web browser, the web browser's sandbox, the OS sandbox, the OS user level protections, the OS kernel security protections and finally attacking the particular UEFI implementation being used.

    Compare to back in the 90s when everyone ran Internet Explorer as admin and code running in the browser itself could effortlessly install a rootkit. The filesystem was FAT32, it didn't even have access controls.

    These days exploits tend not to be nearly as serious because we have so many layers of defences. That's one reason attacks have changed in nature, focusing on things like the CPU itself or on stealing information rather than trying to take control of the system.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC