Last week the FinSpy UEFI bootkit (a.k.a. FinFisher and Wingbird) was revealed as a tailored attack method aimed at both modern UEFI-based boot-loaders and legacy systems using the MBR (Master Boot Record) protocol. The fact that this has been undetected in the wild since 2012 raises serious questions about the efficacy of current tools and techniques.
Barely a week has passed, and now there’s another boot-loader-based attack. This one is a cleverly upgraded attack re-engineered from a design that came out early in the last decade.
ESPecter is a real-world example of a UEFI bootkit persisting on the EFI System Partition (ESP) in the form of a patched Windows Boot Manager. ESET discovered this attack, which bypasses operating system security and manipulates the early boot process to disable security features responsible for code integrity. This, in turn, means malware packages can freely tamper with system-level software.
The TL;DR? Eclypsium can now detect both FinSpy and ESPecter bootkits in your environment.
Reduce, Reuse, Recycle
As Eclypsium previously observed, these techniques are not new. With the whole world focused on reusing and recycling goods and materials to increase efficiency and reduce re-work and waste, why should the bad guys be any different? By simply porting their bootkit code to the newer UEFI boot method the attackers behind FinSpy and ESPecter can reuse almost everything from the original 2012 designs.
This is because the fundamental job of bootloaders remains the same: years ago, the UEFI Specification began to include a new Secure Boot feature to defend against such attacks, which were already well-known. This mechanism relies upon signed executables, authorized by a common UEFI Certificate Authority (CA) in order to allow booting only to unmodified and trustworthy code. However, since Microsoft ran the UEFI CA, this caused issues with some Linux distributions, and for many years systems were commonly shipped or run with Secure Boot disabled. That leaves vast proportions of critical systems unprotected today.
Even when Secure Boot was first introduced, various bugs were found which allowed malware to bypass the protection. Eclypsium researchers were part of this initial work, and we continue it with ongoing work investigating BootHole GRUB vulnerabilities and the complex process to patch and revoke signed-but-vulnerable bootloaders. Today, we still see outdated revocation lists in most systems because this usually does not get automatically updated. As a result, working bootloader attacks are not likely to go away.
Eclypsium Delivers a Solution
When it comes to firmware implants, there is no silver bullet. The same management of inventory, vulnerabilities, configuration, risks, and behaviors that we use above the OS needs to apply below the OS layer.
Eclypsium provides a platform for this that delivers an end-to-end firmware security solution that:
- Identifies all the firmware in all your devices (IOW all endpoints, served, network gear, and connected devices, which all have firmware) and build and maintain a detailed inventory. This inventory should include profiles and version identification for all firmware currently fielded by your organization.
- Verifies all firmware profiles, assuring their current integrity (against tampering and forgeries, for example) while also verifying the firmware’s current configuration against any defined standards and security frameworks.
- Fortifies your firmware: update where required by vendors, address known vulnerabilities with prioritized patching, and ensure appropriate, secure configurations are set. Avail your teams of automated tools, APIs, and processes that make these updates timely and efficient.
Eclypsium’s comprehensive firmware security solution helps you detect and defend against the invisible, firmware-centric attacks–like FinSpy and ESPecter–that are targeting your systems today.