UEFI Attacks in the Wild
Security researchers have long been investigating potential attacks that undermine the foundation of modern software based defenses. For years this has remained a persistent issue without a comprehensive solution. Now, firmware and hardware threats have taken new significance due to recent research from ESET, which has uncovered one of the first UEFI rootkits being used by attackers in the wild (additional coverage).
This new research shows that malware authors are putting the theory of firmware-based malware into real-world practice. As with the HackingTeam UEFI rootkit, LoJax uses a firmware module to re-infect the system even if the OS is reinstalled. In a way, the “hard” part for this attack is getting access to change firmware at all. This can be done either through physical access or by exploiting vulnerabilities in firmware. As we’ve shown before, a few minutes of physical access is all it takes. However, a fully automatic installation of malware is also possible if firmware is not properly protected. One critical safeguard is to configure the BIOS Control Register such that firmware is read-only. If not properly configured (or if the system is very old), a race condition vulnerability (dubbed “Speed Racer”) can allow malware to bypass this protection. Researchers now report that LoJax exploited these vulnerabilities in order to install itself persistently. This is likely to be effective on many systems. Even though manufacturers may have released firmware updates to patch this vulnerability, many systems remain vulnerable, since firmware updates are rarely installed.
Protection of firmware storage is one of the most fundamental safeguards. While research dates much earlier, major recognition can be found in NIST’s Special Publication 800-147, which was released in 2011. This requires secure firmware storage in order to support cryptographically signed updates. The initial release of CHIPSEC in 2014 included tests for these specific vulnerabilities in the common.bios_wp module which continues to be useful today. You can run it to test if your system has properly protected firmware storage and fixed “Speed Racer” vulnerability.
Many other vulnerabilities have been discovered over the past few years in UEFI and related protections. Often, attackers don’t need to exploit a vulnerability at all in order to install implants like LoJax into the UEFI firmware. We have already seen that many older systems and even recent servers lack basic protections like signed firmware updates. Some of these vulnerabilities can be exploited remotely.
In addition to the main system firmware (e.g. UEFI), each system has multiple components including management controllers, network cards, hard drives and many more. Each of these components is responsible for major capabilities on the system. As we study more of these components, we find that their firmware can also be infected which can be challenging to detect or remediate.
So how can organizations defend their systems from firmware implants like the one used by LoJax? CHIPSEC framework includes modules like tools.uefi.blacklist and tools.uefi.whitelist which can help with detecting that the UEFI firmware has been infected. The tools.uefi.whitelist tool can be used to generate a list of “expected” hashes of all UEFI firmware executables on a system and then compare the firmware with this list later to detect any unexpected change or extra binaries added by implants like LoJax. This list must be created on a known good system.
Unfortunately, advanced tools like CHIPSEC are not suitable for wider deployment across enterprise operations. That’s what Eclypsium offers to organizations. More than just vulnerability information, Eclypsium also provides integrity assessment about the firmware on a system, making firmware and hardware visible at enterprise scale. Systems infected with LoJax or similar UEFI implants would fail integrity and whitelisting checks, even though they had never been seen before in-the-wild.
Ongoing exploration of vulnerabilities helps us to develop better defensive strategies and to monitor for previously invisible threats. In turn, we enable organizations to operate with confidence. Research will continue uncovering new techniques for malware, especially in the obscure corners of technology, and it makes sense that attackers are drawn to these unguarded areas in order to persist undetected and bypass security mechanisms. That’s why such research is part of our strategy, and we dedicate ourselves to developing defenses that are informed by research.