back to article Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)

A UEFI rootkit, believed to have been built by Kremlin spies from an anti-thief software program to snoop on European governments, has been publicly picked apart by researchers. A rootkit is a piece of software that hides itself on computer systems, and uses its root or administrator-level privileges to steal and alter …

  1. Inventor of the Marmite Laser Silver badge
    Pint

    There are some bloody clever people out there

    This is for the good guys >>>

  2. Anonymous Coward
    Anonymous Coward

    Wait, can this all be done remotely?

    "Essentially, the miscreants compromise a machine, gain administrator privileges, and then try to alter the motherboard firmware to include a malicious UEFI module that, if successful, installs and runs LoJax every time the computer is normally booted."

    1. Dan 55 Silver badge

      Re: Wait, can this all be done remotely?

      Yes, in the same way as anything else done after exploit and a privilege escalation.

      1. cyberdemon Silver badge
        Devil

        Hardware button?

        Most UEFI motherboards (certainly mine) have a dedicated hardware button at the rear I/O panel which is something to do with flashing firmware. I believe one can insert a USB stick with a firmware image, and hold the button down at boot to flash it without a screen attached.

        Would it not therefore be trivial to require this pre-existing hardware button to be pressed EVERY TIME the firmware is flashed? I.e. if you try to flash it from windows, it lights up the button and says "please press the button on the motherboard to continue with firmware update".

        Would this not thwart (almost) all malicious UEFI firmware images? (perhaps not the kind installed into laptops by security services as they pass through airports in the more dodgy countries i.e. China, Russia, Israel I am looking at you..) but certainly it would no longer be possible to do this remotely..

        Yes it might make it very slightly more annoying for the PFY in the data centre who has to update 1000 racks with a new firmware, but at least he gets overtime for it!

        1. Dan 55 Silver badge

          Re: Hardware button?

          Don't you know how much you can save per machine by not including a hardware button? Cents, cents I tell you!

          1. GnuTzu
            Megaphone

            Re: Hardware button? -- Market

            @Dan 55, Yes! Seriously, I can't believe how complicated some things have been made just to save on buttons. Or, is that that they think buttons are scary and will frighten consumers if there are lots of them?

          2. Charles 9

            Re: Hardware button?

            It can add up if those machines are hidden in out-of-the-way places, raising OR labor costs every time a mob NEEDS an update for security reasons...assuming someone IS there to patch the computer is the Middle of Nowhere that requires expensive travel and accommodations just to reach...

            1. Anonymous Coward
              Anonymous Coward

              Re: Hardware button?

              Enterprise customers would never accept having to push a button to send out firmware updates, because that would require the IT staff to leave their dark basement and have human contact!

              1. Yet Another Anonymous coward Silver badge

                Re: Hardware button?

                >that would require the IT staff to leave their dark basement and have human contact

                Robots !

                If you have a desktop on the floor and the USB port at a reachable height you could even have a fleet of modified Roombas going around doing it.

                Now if only robots could shake empty toner cartridges and push lusers down stairs we wouldn't need on-site admins at all.

                1. Danny 2

                  Re: Hardware button?

                  I don't trust my Roomba, I think the Russians may have dirt on it.

                  ('Maniac' is not great TV but it's worth it for the street Roombas clearing up dog poo)

                2. Jamie Jones Silver badge
                  Coat

                  Re: Hardware button?

                  Robots !

                  If you have a desktop on the floor and the USB port at a reachable height you could even have a fleet of modified Roombas going around doing it.

                  But then they just hack the robots!

                  Turtles all the way down....

          3. Alan Brown Silver badge

            Re: Hardware button?

            "Don't you know how much you can save per machine by not including a hardware button? Cents, cents I tell you!"

            Intel Desktop motherboards used to include a jumper which would _block_ flashing if set. Perfect for out-of-the-way stuff where you don't want it fiddled with.

            As for UEFI rootkits - the _only_ safe course of action is to drop the thing into a shredder and buy a new board.

        2. bombastic bob Silver badge
          Devil

          Re: Hardware button?

          I have a better idea than a mandatory hardware button: socketed NVRAM (for BIOS flash) that can be easily replaced with a one-time programmable ROM [one you can install yourself]

          I doubt any motherboards made in "certain countries" would have this feature...

          (I didn't mean USA but who knows what the NSA is up to)

          At least, if you can't re-flash the BIOS without changing it out physically, it would be a LOT harder to get a BIOS virus/trojan/rootkit installed on your computer by airport/customs spies.

          1. wayne 8

            Re: Hardware button?

            "Intel(ligence agency, central) Inside!"

        3. Fungus Bob

          Re: Hardware button?

          "Would this not thwart (almost) all malicious UEFI firmware images? "

          Most people would eat shit sandwiches if a dialog box popped up on the screen and told them to.

        4. psyq

          Re: Hardware button?

          Yes, but how then would you expect somebody from other side of the world to be able to remotely patch firmware on your worldwide fleet of computers?

          PHBs would like to know? So... no.

        5. Anonymous Coward
          Anonymous Coward

          Re: Hardware button?

          A button is fine if your IT team has direct physical access...if you mamage an estate across multiple locations across a country (not The Vatican) it becomes a hinderance.

          It's then unlikely systems will get patched for other issues...e.g

          Intel cpu bugs.

          All features have drawbacks in the real world to some people.

        6. John Brown (no body) Silver badge

          Re: Hardware button?

          Would it not therefore be trivial to require this pre-existing hardware button to be pressed EVERY TIME the firmware is flashed? I.e. if you try to flash it from windows, it lights up the button and says "please press the button on the motherboard to continue with firmware update".

          Hi, field service engineer here. We replace motherboards in desktops and laptops on a daily basis. Part of the job is the update to the latest firmware. None of the Intel or Asus motherboards we deal with have a special button, jumper or BIOS config setting to restrict flashing the firmware. Neither do any of the laptops we deal with. Worst case would be doing a re-flash of an existing motherboard which has a BIOS admin password on it stopping us (for a minute or two) from accessing the boot device menu until either a local tech enters it for us or we just use the jumper to zap it to defaults

          It could well be a good security measure since it would require physical access, but IME it's not a common feature.

          But, as others have mentioned, IT support departments have fewer people in them nowadays because of the total remote access control IT support have from their desks and so don't have to "waste" time going to a physical machine just to change a BIOS setting or even flash the BIOS. Adding a button would incur extra costs or they'd find a way to override it.

          1. Glen 1

            Re: Hardware button?

            Speculation: enthusiast Vs bog standard features?

  3. Anonymous Coward
    Anonymous Coward

    How do I

    Check for the presence of this on old machine(s) ?

    Had a thought that it could be responsible for several strange problems here not least corruption of external and internal drives etc.

    1. Anonymous Coward
      Anonymous Coward

      Re: How do I

      Nah, that's just a far more common virus called Windows :)

    2. DropBear

      Re: How do I

      How "old" can your machine possibly be and still be UEFI-based...? Or is this "Apple-old"...?

      1. oiseau
        Coat

        Re: How do I

        My machine is not UEFI based (Sun Ultra24).

        Well built and quite reliable HW albeit ridden with a really shitty BIOS and the Intel Management Engine Spyware.

        Can't have it all ...

        Mine's the one with the 3.25 FDs in the pocket.

      2. psyq

        Re: How do I

        Intel started putting UEFI firmwares on their Core 2 mobos circa 2006/2007 if I remember correctly (I had one of those small mini-ITX mobos, Fry Creek or smth. it was called). They had BIOS emulation (CSM) by default, but behind it it was all UEFI.

        I think already on Nehalem it was not possible anymore to initialize the CPU without UEFI firmware, not 100% sure but with Sandy Bridge it was for sure UEFI all the way down.

    3. bombastic bob Silver badge
      Black Helicopters

      Re: How do I

      I used regedit on a reconditioned Lenovo box I bought on e-bay a couple of years ago [maybe suspicious?] by looking for the string 'rwdrv'. nothing found. hopefully not a 'false negative'.

      1. Danny 2

        Re: How do I

        These evils will be loaded before Windows looks at the registry.

        Flash/fdisk/format/reinstall.

  4. Anonymous Coward
    Anonymous Coward

    VPNs?

    Regarding 'phoning home to the Kremlin' I often use a VPN that terminates in Moscow. How do the authorities filter between traffic coming from mostly innocent VPN providers with Russian servers and the more malicious traffic from spooks? Technically I know that there are specific IP ranges allocated to government controlled entities but surely the first thing a Russian spook (or even hacker that is not a spook!) might do is try to blend in by just using a VPN with all traffic leaving an exit point outside their own country? Also, when spooks are really determined, surely they are already physically resident in the target country/organisations and just use native local network access so they can steal data using physical methods? Snowden apparently ended up in Russia...

    1. Anonymous Coward
      Anonymous Coward

      Re: VPNs?

      "How do the authorities filter between traffic coming from mostly innocent VPN providers with Russian servers and the more malicious traffic from spooks?"

      I recall that that the recommended method from the early days of USENET was to look through the path taken by packets to see if they go through kremvax

      1. Anonymous Coward
        Anonymous Coward

        Re: VPNs?

        That was the time of the bang paths. moscvax!kremvax!chernenko in the path was a sure sign that KGB was on the line.

        1. An nonymous Cowerd

          Re: VPNs?

          Nowadays I suspect that the Kreml doesn’t always go for data-in-transit, perhaps they just let the HCA hack us, then they read the data-at-rest mountains?

          Scary Putin recently complained that his oppos seem to be Pigeons pecking on a chessboard, rather than playing the game - but I might be mixed-up in my memes.

          1. Nick Ryan Silver badge

            Re: VPNs?

            Either that or the other agencies who are almost certainly doing/trying the same thing are either better at not getting caught, or have a little more influence over the "news" services so they don't get reported but the overseas "red" or "evil communist/dictatorship" ones are.

            On the other hand, the UK is probably such a shambles that almost nothing useful or worthwhile happens, much like the government in general. Alternatively this could be a smokescreen... tin foil hats all round! :)

            1. DCFusor

              Re: VPNs?

              Wasn't there a tool leaked from one of the TLAs called UMBRAGE designed to make attribution whatever the user wanted it to be? Are we saying they didn't know how to do that, and should be disbanded due to incompetence and malfeasance? Why do we trust them to give correct attribution, if they even know it? They are clearly driven by agendas including needing to promote themselves by creating fear so we'll want them to defend us - regardless of any actual threat. It wouldn't matter, we'd hear the same stuff from them and their news outlets whatever the facts.

              Methinks these guys got too clever for their own good - we know no one can trust them now, if we didn't already.

  5. mark l 2 Silver badge

    I remember a time when to update your PCs firmware you had to physically move a jumper on the motherboard to write enabled or it just wouldn't flash. Such solutions are not always friendly for none technical people to achieve but it would completely stop any root kits from getting into your UEFI flash if manufacturers re-instated such physical switches on their PCs.

    1. Andy The Hat Silver badge

      ... and didn't many of us say as much when it was jumper-less flashing was introduced?

      Personally I'm surprised this attack vector hasn't been hit much harder.

    2. Cuddles

      "Such solutions are not always friendly for none technical people to achieve but it would completely stop any root kits from getting into your UEFI flash"

      Indeed. This is the fundamental problem with backdoors and related ideas - there's really no such thing, they're all just regular doors. If you make it possible for a legitimate party to do things, you also make it possible for a malicious party to do them. There are no exceptions to that rule. Ever. No matter how difficult you try to make it or how well hidden it is, there will always be a way for someone to abuse it.

      As always, it comes down to the question of how much you value convenience over security. There will almost always be some compromise needed with security reduced to make things useable in a reasonable manner. In a case like this, however, there really seems to be little need for convenience at all. Motherboard firmware updates are not particularly common things, and the sort of person who isn't happy switching jumpers probably shouldn't be trying to do it anyway. Given that the compromise means virtually undetectable and unfixable malware having access to pretty much everything, there just doesn't seem to be any good reason to make this all possible.

      1. Yet Another Anonymous coward Silver badge

        You are a bank with say 10,000 desktops.

        The bill for sending somebody to every desk to open up a PC, move the jumper, wait for update, move jumper back - is probably higher than the bill for making sure your firewall blocks UEFI phoning home

        1. Destroy All Monsters Silver badge

          Sysop has probably messed up and the phone-home happens anyway.

        2. Alan Brown Silver badge

          > You are a bank with say 10,000 desktops.

          In which case the bill for getting compromised is _FAR_ higher than the labour cost of having someone move bios jumpers.

          Management tend to look at cost of implementation, and forget about costs of not implementing - "We can save even more if we don't bother with this firewall thingie, and why do we need to update bios stuff anyway?"

          1. Anonymous Coward
            Anonymous Coward

            "In which case the bill for getting compromised is _FAR_ higher than the labour cost of having someone move bios jumpers."

            They'll figure they can lawyer their way out of it or at least drop it to below the cost of jetting IT around the world, provide accommodations, etc. Basically, unless the threat of noncompliance is existential (at which point the investors get involved), they'll just say they can worry about it later, and "fiduciary duty" will probably mean it's the same everywhere.

        3. Jamie Jones Silver badge

          Well, one would assume/hope banks and other institutions would have competent sysops.

          Just do it for the consumer market (ok, not helpful for rootkits targetting governments etc. but just wait until the uefi rootkit botnet hits the internet)

      2. RobinCM

        BIOS and other firmware updates are actually released fairly frequently, by decent manufacturers. Particularly BIOS since the spectre/meltdown thing kicked off.

        My aging Dell laptop is up to BIOS version A21, which averages to a release every 4 months. The latest version was released in March, which is pretty impressive for a seven year old machine with no hardware support contract.

        People actually bothering to install these updates happens much less frequently. Which is a shame because they often fix quite serious stability and data corruption issues, not to mention security.

        1. John Brown (no body) Silver badge

          "My aging Dell laptop is up to BIOS version A21, which averages to a release every 4 months."

          Yes, but having said that, most of the updates list the bugs the fix/features they add and suggest that if you are not affected by them, don't flash the BIOS due to the risks of bricking it. Personally, in my job, I've flashed 1000's of motherboards and never bricked one yet. I've also done HDD and SSD on-board firmware on occasions, likewise without issue.

  6. Anonymous Coward Silver badge
    Facepalm

    Call me cynical

    It's almost like UEFI was designed for this sort of crap.

    Even if that's not the case, it was blindingly obvious that it would be used as such.

    1. Pascal Monett Silver badge

      Re: Call me cynical

      Blindingly obvious ? Not so sure.

      UEFI was a response to a problem that was identified back in 1995, which is quite a bit earlier than the Snowden revelations and surveillance world we live in now.

      Sure, you could argue that the NSA has been subverting encryption since 2006, so it's in the same timeframe ballpark and it certainly wouldn't be hard to believe that they had a hand in designing vulnerabilities in UEFI.

      There is, however, no conspiracy theory on that as of yet, nor has there been any revelations pointing in that direction. Stay tuned, I guess.

      1. Robert Helpmann??
        Big Brother

        Re: Call me cynical

        There is, however, no conspiracy theory on that as of yet, ...

        Well you've started one now!

      2. Yet Another Anonymous coward Silver badge

        Re: Call me cynical

        >designing vulnerabilities in UEFI.

        Why when they can call Intel/HP/Dell/etc up and ask for the UEFI signing keys ?

      3. Anonymous Coward
        Anonymous Coward

        Re: Call me cynical

        UEFI not a conspiracy? where have you been since it came out?

      4. wayne 8

        NSA has been subverting encryption since 2006,

        "NSA has been subverting encryption since 2006,"

        And this issue is never brought up when a bitcoin believer is promoting The Blockchain.

        I remember when non secret level users were only allowed 64 bit encryption and even that tech could not be exported outside the USA. The idea was that the spooks could only break up to 64 bit.

        At some point "someone" must have developed the tech to break 256 bit in close to real time and they no longer care about encryption.

        1. Anonymous Coward
          Anonymous Coward

          Re: NSA has been subverting encryption since 2006,

          Always wonder when I see this sort of comment why no one seems to realize that the bad guys can use some home brewed cipher on top of everything else. The key is speed to crack. The bad guys can message in real time, while plod has to wait, maybe for quite a long time, to read a message. Likely too long. Here's a book code example:

          *

          08D781AFA4301F359B8101EDA327E25A2CC4ED98

          5EAF05EEFC4A53D46EB20006D665584068864EB2

          3EAD54BE231C7E26CB1C3C4AB61669688F06C3D3

          145B771CB352F6644DE86841E1A7E82CE1B02244

          5954562C1F02F485D5C95D8093D9F24D2CD6FDE3

          19E5F425136643B519436A88D1B5B518E6C487B9

          2168C4086C1439406005523923580D3DE2F4ECFF

          4899815F1468DF64BA5A6D5D62283333C9921849

          37A954EEE17253573043148CB5E04261CE172F4D

          488741494B71D771EF510D59143BE1194964D9DE

          350275A554638DC149D00007B0BD673139831CE4

          033D928F36058B62F56623B760B25F1A31A520E8

          346C0

          1. Jamie Jones Silver badge
            Flame

            Re: NSA has been subverting encryption since 2006,

            08D781AFA4301F359B8101EDA327E25A2CC4ED98

            5EAF05EEFC4A53D46EB20006D665584068864EB2

            3EAD54BE231C7E26CB1C3C4AB61669688F06C3D3

            145B771CB352F6644DE86841E1A7E82CE1B02244

            5954562C1F02F485D5C95D8093D9F24D2CD6FDE3

            19E5F425136643B519436A88D1B5B518E6C487B.....

            That's fighting talk, matey.

          2. Charles 9

            Re: NSA has been subverting encryption since 2006,

            "Likely too long."

            Don't be so sure. Why do you think they have that data center in Utah (if not to conceal a black-project quantum computer)? Historical evidence is still evidence, and many federal crimes have a lengthy statute of limitations (if any).

    2. oiseau
      Flame

      Re: Call me cynical

      Cynical would be to think that is was not designed for this sort of crap.

      ... blindingly obvious that it would be used as such.

      The writing was all over the wall but is was ignored.

      And now what?

      Cheers,

      O.

  7. Christoph

    Aren't those Russians terrible, developing software to hack into computers for their nefarious ends.

    So different from our wonderful people in NSA and Cheltenham, who are developing software to hack into computers for their noble ends.

    1. Anonymous Coward
      Anonymous Coward

      That's what the BBC would have you believe anyway...

  8. WatAWorld

    We know you'd never present us one made by the USA or UK, so yeah

    "Resident evil: Inside a UEFI rootkit used to spy on govts, made by you-know-who (hi, Russia)"

    Or China. But never the USA, UK, Canada, Australia or NZ -- not because they don't exist, but you cannot or would not publish it due to our laws.

    1. Adrian 4

      Re: We know you'd never present us one made by the USA or UK, so yeah

      As an intelligent reader, you're expected to make that assumption yourself. No need to make anybody break any laws, spying by 'friends' and enemies is a given.

    2. Rich 11

      Re: We know you'd never present us one made by the USA or UK, so yeah

      but you cannot or would not publish it due to our laws.

      Comment alert! Target acquired. Activate the black helicopters.

  9. Steve Cooper

    Freeserve

    Many moons ago I worked in a local computer shop and we started noticing that when we built new PCs a Freeserve icon would appear on the desktop after a fresh Win95/Win98 installation. Turned out to be a particular motherboard (probably PCChips) we started using somehow installed an icon onto the desktop during the Windows installation. Pretty clever for the 90's!

    1. I Am Spartacus
      Paris Hilton

      Re: Freeserve

      Not sure how that happened.

      Long time ago, in an IT shop far far away, I was part of the Freeserve design team. I'm pretty sure that our marketing team couldn;t even spell BIOS let alone have a clue how to alter one. Their main modus operandi was leaving CD's at supermarket checkouts.

      I can still remember the pain when we turned it on, having asked marketing to only release in one area to one supermarket. All our monitoring software lit up red, immediately. It turns out the marketeers had just ignored us techies and had launched it nationwide, in all outlets, on the same day, WCPGW.

    2. Nick Ryan Silver badge

      Re: Freeserve

      Sounds more like an update OS installation, but also, if I remember correctly, at this time Windows came preloaded with "suggested" ISPs depending on the region and these often installed some of their crap-ware by default.

  10. Will Godfrey Silver badge
    Unhappy

    Not really surprised.

    I didn't need another reason to be suspicious of UEFI, but this will do.

  11. Anonymous Coward
    Anonymous Coward

    It's good, in a bad sort of way, to find out this has happened.

    It was at least 4 years ago (before I joined) that our most recently-purchased Dell laptops were spotted "phoning home". Yep, said Dell (eventually) part of our anti-theft stuff. Being a security consultancy and all that, this really was a no-no. Of course, Dell weren't about to do us a customised BIOS. Eventually, after much BIOS reconfiguration in "collaboration" with Dell (1), I believe we got to the point where a single beaconing occurred but no data was transferred.

    Clearly, something like this was EXACTLY the sort of vuln we were concerned about. Oh, look.

    (1) i.e. much administration of the clue-by-four.

  12. David Roberts

    Firmware updates

    Posts here about switches and stuff, and rare updates, and not doing it if you don't know what you are doing.

    Just about to upgrade a Dell laptop to SSD for a friend and the Dell Action Centre had a firmware upgrade. I checked that this was a valid thing (signing keys are needed, apparently) and ran it. The system rebooted and updated a shed load of stuff, according to the prompts, before coming back up.

    So firmware updates seem to be run of the mill and require no knowledge or skill.

    Not disagreeing with the security concerns but that horse bolted long ago.

    1. John Brown (no body) Silver badge

      Re: Firmware updates

      "The system rebooted and updated a shed load of stuff, according to the prompts, before coming back up."

      Yes, all the motherboards I deal with have at least three BIOS flash methods. From within the BIOS itself, boot a FreeDOS pendrive with the flash tool and BIOS file on it or run a WIndows programme which sets it all up and, usually, re-boots to flash utility. The first, and especially the third, methods are all pretty user friendly even for an average user (assuming an average user would even realise that BIOS updates exist and they may need to do one)

  13. This post has been deleted by its author

  14. Anonymous Coward
    Anonymous Coward

    "While it is hard to modify a system’s UEFI image,

    few solutions exists to scan system’s UEFI modules and detect malicious ones," wrote Team ESET.

    And yet the author didn't think it important enough to mention what those solutions are.

    They wouldn't include the Anti-Malware-Company-That-Must-Not-Be-Named" by any chance? You are allowed to communicate the facts that people are not allowed to know. This isn't the BBC after all.

    1. Anonymous Coward
      Big Brother

      Re: "While it is hard to modify a system’s UEFI image,

      > You are allowed to communicate the facts that people are not allowed to know. This isn't the BBC after all.

      If he did then the Internet would conk out halfway through due to 'technical difficulties'.

  15. Anonymous Coward
    Anonymous Coward

    uEFi SneakyChips (tm)

    What concerns me is how many people have recycled their dead laptops etc without first taking off and destroying the: BIOS chip, RAM, APU, screen controller and memory, touchpad controller, etc etc. I checked and literally 1 in 10 chips on the motherboard can store potentially sensitive data.

    If you care about security get this dealt with in house with photographic verification that the hardware has been systematically destroyed at time X in location Y by persons A and B who also have to counter sign that it has been done according to the checklist which is witnessed by persons C and D.

    Just smashing them won't work as a typical chip can survive even if its bond wires have been torn off and most if not all modern APUs have 4 or more chips each with their own unique controller and non volatile memory.

    (scuttles off to put his hard disk PCBs through a blender)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon