Malware Buried Deep Down the SPI Flash: Sednit's First UEFI Rootkit Found in the Wild
Jean-Ian Boutin | Senior Malware Researcher
Frédéric Vachon | Malware Researcher
@jiboutin @Freddrickk_
Sednit (AKA Fancy Bear/APT28/STRONTIUM/etc)
•Espionage group active since the early 2000s
•Very visible in the past few years as allegedly behind these notorious hacks
  • Democratic National Committee (DNC)
  • World Anti-Doping Agency (WADA)
  • TV5 Monde
  • etc
Example of phishing email
Agenda
•What is LoJack?
•Past research
•Digging in
•Descending through the rings
Computrace/LoJack
Absolute Software
Past Research
![Page 15: Malware Buried Deep Down the SPI Flash: Sednit's First ...€¦ · Unified Extensible Firmware Interface (UEFI) •Replacement for the legacy BIOS •New standard for firmware development](https://reader030.vdocument.in/reader030/viewer/2022040621/5f3768149f456a4c3568503e/html5/thumbnails/15.jpg)
Black Hat USA 2009
•Exposed design vulnerabilities in agent
LoJack Architecture back then
Configuration file vulnerability
Digging in
LoJax - Cat is out of the bag
•Documents small agent modifications
•Links old Sednit domains to LoJax domains
Where is the attack?
Changed only configuration file?
•Almost, and used only one agent version to do so…
•Bulk detection now possible – time to dive in
The Balkans, Central and Eastern Europe victims
•Few organizations hit
•Military and diplomatic organizations
•Presence of several Sednit tools in the organization
Analyst ramblings
Clairvoyance?
RWEverything
•UEFI read tool
•Legitimate software using a legitimate kernel driver
•Not the first time it is reused for other purposes
•Found in some organizations with a LoJax compromise
  • info_efi.exe
autochk.exe mechanism?
autochk.exe vs. autoche.exe
Down the rings we go
ReWriter_read.exe
•Tool to dump SPI flash memory content, found alongside the LoJax sample
•Contains *lots* of debug strings
•Consists of the following operations
  • Log information on the BIOS_CNTL register
  • Locate the BIOS region base address
  • Read the UEFI firmware content and dump it to a file

| IOCTL code | Description |
| --- | --- |
| 0x22280c | Writes to memory-mapped I/O space |
| 0x222808 | Reads from memory-mapped I/O space |
| 0x222840 | Reads a dword from a given PCI configuration register |
| 0x222834 | Writes a byte to a given PCI configuration register |
Reading from the SPI Flash Memory
ReWriter_binary.exe
•Contains *lots* of debug strings
•Uses RWEverything’s driver
•Consists of the following operations
  • Add the rootkit to the firmware
  • Write it back to the SPI flash memory
Patching the UEFI firmware
Unified Extensible Firmware Interface (UEFI)
•Replacement for the legacy BIOS
•New standard for firmware development
•Provides a set of services to UEFI applications
  • Boot services
  • Runtime services
•No more MBR/VBR
Driver Execution Environment (DXE) Drivers
•PE/COFF images
•Abstract the hardware
•Produce the UEFI standard interface
•Register new services (protocols)
•Loaded during the DXE phase of Platform Initialization
•Loaded by the DXE dispatcher (DXE Core)
UEFI firmware layout
•Located in the BIOS region of the SPI flash memory
•Contains multiple volumes
  • Volumes contain files identified by GUIDs
  • Files contain sections
  • One of these sections is the actual UEFI image
•It’s more complex than that, but it suffices for our purpose
SPI flash memory layout
BIOS region layout
Parsing the firmware volumes
•Parses all the firmware volumes of the UEFI firmware
•Looks for 4 specific files
  • Ip4Dxe (8f92960f-2880-4659-b857-915a8901bdc8)
  • NtfsDxe (768bedfd-7b4b-4c9f-b2ff-6377e3387243)
  • SmiFlash (bc327dbd-b982-4f55-9f79-056ad7e987c5)
  • DXE Core
Ip4Dxe and DXE Core
• Used to find the firmware volume to install the rootkit
• All DXE drivers are usually in the same volume
• DXE Core may be in a different volume
• The chosen volume will be the one with enough free space available
NtfsDxe and SmiFlash
•NtfsDxe is the AMI NTFS driver; it will be removed if found
•SmiFlash metadata are not used
•SmiFlash is a known-vulnerable DXE driver
Adding the rootkit
•Creates an FFS file header (EFI_FFS_FILE_HEADER)
•Appends the rootkit file
•Writes it at the end of the DXE drivers volume or the DXE Core volume
  • Checks if there’s enough free space available
Write the compromised firmware to the SPI flash memory
BIOS Write Protection Mechanisms
•Platform exposes write protection mechanisms
•Need to be properly configured by the firmware
•We’ll only cover the protections relevant to our research
  • Won’t cover Protected Range Registers
•Exposed via the BIOS Control Register (BIOS_CNTL)
BIOS Write Protection Mechanisms
•To write to the BIOS region, BIOS Write Enable (BIOSWE) must be set to 1
•BIOS Lock Enable (BLE) allows locking BIOSWE to 0
BIOS Write Protection Mechanisms
•The implementation of BLE is vulnerable
•When BIOSWE is set to 1, its value changes in BIOS_CNTL
  • A System Management Interrupt (SMI) is triggered
  • The SMI handler sets BIOSWE back to 0
  • The SMI handler must be implemented by the firmware
BIOS Write Protection Mechanisms
•What if we write to the SPI flash memory before the SMI handler sets BIOSWE to 0?
•Race condition vulnerability (Speed Racer)
  • A thread continuously sets BIOSWE to 1
  • Another thread tries to write data
•Works on multicore processors and on single-core processors with hyper-threading enabled
BIOS Write Protection Mechanisms
•The Platform Controller Hub family of Intel chipsets introduces a fix for this issue
•The firmware must set this bit
ReWriter_Binary.exe
• ReWriter_Binary.exe checks these settings
• Checks if the platform is properly configured
• Implements the exploit for the race condition
Writing process decision tree
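The BIOSWE/BLE/SMI sequence and the PCH fix from the slides above, as an added Python model written for this page (not ESET's or the attackers' code, and not an exploit: the race is deliberately not implemented). It assumes the BIOS_CNTL bit layout BIOSWE = bit 0 and BLE = bit 1, names the PCH fix bit the slides leave unnamed as SMM_BWP (bit 4, SMM BIOS Write Protect, per Intel's datasheets), and simplifies the SMI handler and flash behaviour to the two gates the slides describe.

```python
from dataclasses import dataclass, field

# BIOS_CNTL bits covered on the slides. SMM_BWP is the PCH-era bit the slides call "this bit":
# once set, the chipset accepts BIOS region writes only while the CPU is in SMM.
BIOSWE = 1 << 0    # BIOS Write Enable
BLE = 1 << 1       # BIOS Lock Enable: setting BIOSWE while BLE=1 raises an SMI
SMM_BWP = 1 << 4   # SMM BIOS Write Protect


def assess_bios_cntl(value):
    """Classify a dumped BIOS_CNTL value the way a firmware-security scanner would."""
    if value & SMM_BWP:
        return "protected"      # writes from outside SMM are refused whatever BIOSWE says
    if value & BLE and not value & BIOSWE:
        return "ble-only"       # lock depends on the firmware SMI handler: exposed to the race
    return "unprotected"        # BIOSWE is set, or can be set from the OS at will


@dataclass
class SpiController:
    """Simplified controller: one BIOS_CNTL byte, a BIOS region and the SMI handler hook."""
    bios_cntl: int
    firmware_has_smi_handler: bool = True
    bios_region: bytearray = field(default_factory=lambda: bytearray(b"\xff" * 64))
    smi_count: int = 0

    def write_bios_cntl(self, value):
        # BLE and SMM_BWP are lock bits: once set they stay set until platform reset
        locks = self.bios_cntl & (BLE | SMM_BWP)
        self.bios_cntl = (value & 0xFF) | locks
        if self.bios_cntl & BLE and self.bios_cntl & BIOSWE:
            self.smi_count += 1                      # the hardware raises the SMI ...
            if self.firmware_has_smi_handler:        # ... but clearing BIOSWE is the firmware's job
                self.bios_cntl &= ~BIOSWE

    def write_bios_region(self, offset, data, in_smm=False):
        """Return True if the write landed. The two gates are SMM_BWP, then BIOSWE."""
        if self.bios_cntl & SMM_BWP and not in_smm:
            return False
        if not self.bios_cntl & BIOSWE:
            return False
        self.bios_region[offset:offset + len(data)] = data
        return True


def write_from_os(ctrl, data=b"\x00"):
    """What a ring 0 tool observes: set BIOSWE, then try one write from outside SMM."""
    ctrl.write_bios_cntl(ctrl.bios_cntl | BIOSWE)
    return ctrl.write_bios_region(0, data)


if __name__ == "__main__":
    for name, ctrl in (("BLE, SMI handler present", SpiController(BLE)),
                       ("BLE, no SMI handler", SpiController(BLE, firmware_has_smi_handler=False)),
                       ("BLE + SMM_BWP", SpiController(BLE | SMM_BWP)),
                       ("nothing set", SpiController(0))):
        print(f"{name}: {assess_bios_cntl(ctrl.bios_cntl)}, write from OS landed: {write_from_os(ctrl)}")
```

A real check also reads the Protected Range registers, which the slides leave out; `assess_bios_cntl` covers only the BIOS_CNTL side of the decision tree.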
Writing to the SPI Flash Memory
Let’s take a step back
•Software implementation to flash firmware remotely
 • Hacking Team’s UEFI rootkit needed physical access
•We extracted the UEFI rootkit
•Looked at ESET’s UEFI scanner telemetry
•And…
We’re going to Black Hat Baby!
UEFI Rootkit
•DXE Driver loaded by the DXE Dispatcher
•File Name
 • SecDxe
•File GUID
 • 682894B5-6B70-4EBA-9E90-A607E5676297
UEFI Rootkit Workflow
UEFI Rootkit: SecDxe
•Notify function
 • Installs NTFS driver
 • Drops autoche.exe and rpcnetp.exe
 • Patches a value in the Windows Registry
UEFI Rootkit: NTFS driver
•NTFS driver needed to get file-based access to Windows’ partition
•Hacking Team’s NTFS driver from HT’s leak
 • NtfsDxe project from vector-edk
UEFI Rootkit: Dropping files
UEFI Rootkit: Patching Windows Registry Value
•Modifies Windows Registry via %WINDIR%\System32\config\SYSTEM
•Changes “autocheck autochk *” to “autocheck autoche *”
•HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute
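A defender-side check for the on-disk traces the slides describe: the BootExecute value rewritten from "autocheck autochk *" to "autocheck autoche *" and the two dropped file names. This is an added example, not ESET's tooling; it takes the REG_MULTI_SZ blob of BootExecute and a System32 file listing as inputs (constructed inline here) so it runs offline. On a live host you would read the value with winreg or reg.exe; note that this only detects the Windows-side artefacts, not the implant in the SPI flash itself.

```python
"""Spot SecDxe's Windows-side artefacts (added example, not from the talk)."""
import re
from typing import Iterable, List, Tuple

# Windows' default BootExecute entry, which launches autochk.exe at boot.
EXPECTED_AUTOCHECK = "autocheck autochk *"
# File names the rootkit drops into the Windows partition (from the slides).
DROPPED_NAMES = {"autoche.exe", "rpcnetp.exe"}

_AUTOCHECK_RE = re.compile(r"^\s*autocheck\s+(\S+)(?:\s+(.*))?$", re.IGNORECASE)


def parse_boot_execute_blob(raw: bytes) -> List[str]:
    """Decode a REG_MULTI_SZ blob: UTF-16LE strings, NUL-separated, double-NUL end."""
    text = raw.decode("utf-16-le")
    return [s for s in text.split("\x00") if s]


def check_boot_execute(entries: Iterable[str]) -> List[Tuple[str, str]]:
    """Return (entry, reason) findings for suspicious autocheck entries.

    Any 'autocheck' entry that runs something other than autochk is flagged;
    the 'autoche' rename used by SecDxe gets an explicit reason. A missing
    autocheck entry altogether is also reported.
    """
    findings: List[Tuple[str, str]] = []
    seen_autocheck = False
    for entry in entries:
        m = _AUTOCHECK_RE.match(entry)
        if not m:
            continue  # unrelated BootExecute entry (e.g. a third-party tool)
        seen_autocheck = True
        prog = m.group(1).lower()
        if prog == "autochk":
            continue
        if prog == "autoche":
            findings.append((entry, "BootExecute runs autoche instead of autochk (SecDxe pattern)"))
        else:
            findings.append((entry, f"non-default autocheck program: {prog}"))
    if not seen_autocheck:
        findings.append(("", "no 'autocheck' entry present in BootExecute"))
    return findings


def check_system32_listing(names: Iterable[str]) -> List[str]:
    """Return the dropped file names present in a System32 directory listing."""
    return sorted(n for n in names if n.lower() in DROPPED_NAMES)


# Constructed sample inputs: a clean host and one matching the slides' description.
CLEAN_BLOB = (EXPECTED_AUTOCHECK + "\x00\x00").encode("utf-16-le")
TAMPERED_BLOB = ("autocheck autoche *" + "\x00\x00").encode("utf-16-le")
TAMPERED_SYSTEM32 = ["ntoskrnl.exe", "autochk.exe", "autoche.exe", "rpcnetp.exe"]
```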
Demo
Prevention and Remediation
Prevention
•Keep your UEFI firmware up-to-date
•Enable Secure Boot
•Hardware Root of Trust (e.g. Intel Boot Guard)
•Hope that your firmware configures security mechanisms properly :-(
•Firmware security assessments can be done with CHIPSEC
Remediation
•You need to reflash your UEFI firmware
• If it’s not an option for you then…
Conclusion
•UEFI rootkits are real-world threats
•Firmware must be built with security in mind
•Share knowledge about how to prevent and mitigate UEFI-based threats
Thanks! Questions?
White paper available at welivesecurity.com
@jiboutin
@Freddrickk_