Thursday, June 6, 2019

Firmware dumper

Hi all,

We've made our Win10x64 firmware dumper available for download here, if anyone wants to give it a try. It's much easier than turning off secure boot, and booting off a thumb drive. It's probably not perfect, but it seems pretty good. If you get a firmware dump, you are also welcome to upload it to us at the same URL, for analysis.

Saturday, January 26, 2019

Privacy revolution again

So, anyway, I won’t mention Sandra’s name, but a friend of mine, who used to be a security geek, but is now a goat farmer, pinged me with a scary story yesterday.

She got a robo call from PayPal, advertising something, which might be a bit annoying, but that’s not scary.

As you generally do, with an unrecognized number, she let it go to voice mail, and the message asked her to call back a different number. Nothing entirely amazing there.

But here’s the scary bit. The spoofed number pretended to be from a really small town in PA, that she had only ever been to once before... and that was _earlier that day_

Amazing coincidence, right?

Problem is, those of us in the security biz don’t tend to like coincidences, so the alternative is that something was tracking her.

She checked her settings for PayPal, but it showed that it only tracked her while using the app, and as far as she knew, she was not using the app.

So now we are left to wonder ... is something else selling its tracking data?

At this point, we simply don’t know, but there are certainly lots of apps (it is an iPhone) that are capable of tracking you all the time.

It’s either an amazing coincidence, or the Privacy Revolution in action.

Wednesday, November 28, 2018

ASUS UEFI rootkit

Hi folks,

Late October, I noticed this article

The nub of the article is that the authors noticed that the ASUS z390 motherboard was able to access the Internet, without any Windows 10 network drivers, and was able to install extra software.

This is remarkably similar behavior to the Lenovo rootkit, from 2015.

Now, let me stress, that in neither case, do I think they were of malicious intent. They were clearly designed to allow the vendor to install updates as needed, but the problem is that, just like with the Lenovo rootkit, no one would have known it was there, if it hadn't tipped its hand, by doing something obvious, and the obvious question is now, "What _else_ is out there?"

We have now found five variants of the ASUS UEFI updater/rootkit software, none of which seem to be detected by anyone. Oh, and seven variants of the (hopefully extinct) Lenovo rootkit from 2015.

Analysis continues.

Stay tuned.

P.S. If anyone wants to help, I blogged about how to dump firmware here.

Thursday, September 27, 2018

Stuff just got real

So, anyway, ESET just released that they found the first UEFI rootkit. You can read about it here … , but the short version is that they found an example of a modified version of Computrace/Lo Jack being used to attack a computer.

This is serious, and here are the main bits to know…

(1) Computrace/Lo Jack is a legitimate application that is factory installed into the firmware of nearly every laptop in the world, of all varieties. The idea is that if your laptop gets stolen, you can find it, and/or wipe it remotely. This is obviously good, and useful.

Close followers of my blogs, and posts, will know that I have pointed out that the Kaspersky guys, in 2014, showed how it could be compromised, and that it was therefore a potential problem, even though it is a legit app. This is not a slight against the excellent Lo Jack. All software has a weak underbelly, if you probe hard enough.

This is now proof that I was right.

(2) The perps are probably a Russian hacking group (military, KGB, FSB, or something similar), known by a bunch of names, but I call them Fancy Bear, for no particular reason other than it was the first name I knew them by, and it's a neat name. These are the same guys that (probably) broke into a factory in Taiwan in Feb 2018, and modified firmware in a bunch of computers, headed for the German government. If you are a suspicious soul, like me, you probably think this is not their only rodeo.

(3) The perps used a legitimate, and scary powerful tool called RWEverything. This is new to me, but the nub of the matter is that it is a legitimately signed driver that, seemingly, can read or write everything in firmware. This is obviously powerful, and cool, as long as it is used for good.

(4) So far, we have not found an exact match for the samples in their report in our collection, but we have _many_ variants of Lo Jack. They may be all innocent, or … maybe not. We are still looking and thinking.

(5) We still have six variants of the Lenovo rootkit, that no one detects (well, one product detects one variant, but that’s approaching zero from a stats perspective… one out of 360). This may/probably mean they are extinct, or ... maybe not…

(6) Interestingly, the modus operandi of the Lenovo rootkit and the modified Lo Jacks, are _remarkably_ similar. This might be pure coincidence… or … maybe something else.

Bottom line is that we have many variants of Computrace/Lo Jack that need to be examined, and many Lenovo rootkit variants that need to be examined.

And we have other things that look suspicious.

It would be really helpful to get more firmware samples, and it's geeky, but some How To instructions can be found here

All this, combined with what we have found about certificates being expired, or marked "Do not trust", or "Do not ship", which you can read about here suggests to me that we are on dangerous, shaky, and new, ground.

Stay tuned.

Friday, September 14, 2018

50% of firmware certs are expired?

So, anyway, I grabbed a bunch of firmware blobs (there were 99, to be precise) that I happened to have on this laptop, in order to look for more rootkit-like thingies, but I found some other bits that I found even more thought provoking, and I got sidetracked. I do have A.D.D. Oh look! A squirrel... (That's a joke, btw)

The first TPT (thought provoking thing) was that 38 of the 99 had certificates in them that said either "Do not trust - xxx Test PK", or "DO NOT TRUST - Lost Certificate", or "DO NOT SHIP - some_company Test KEK". That's about a third, and feels rather high.

It may be that the uploads that we are getting are not completely representative of what the Real World looks like. They might be coming out of test labs or something like that, which is plausible, because you have to be a bit of a geek to extract firmware. The other, and scarier, option here is that it _is_ representative of the Real World, and one in three computers has a "Do not trust" certificate in it. I hope that is not true.

The second TPT was that my program counted a total of 1,377 certificates, and fully 631 of them were expired. That's nearly 50%, and again, seems rather high.

Again, it might be that we are getting non-Real World firmwares being uploaded, but the other option here is that people are not updating their firmware, which seems likely to me.

The third TPT was that 24 of the blobs had a release date of 2018, and still had 42 expired certs in them. That seems weird.

The fourth TPT was that 5 of the 24 blobs from 2018 had a "Do not trust" cert in them. That seems way weird.

I can think of no reasonable explanation for number three and number four, unless they are coming out of labs, but I suspect that the real explanation is that manufacturers are simply not paying attention because no one is calling them out.

It's also a bit of worry that nothing in the firmware chain of trust seems to care about the dodgy certs. This implies, to me, that they could be replaced by out and out APT-level malware, and nothing and no one would notice.

The plot thickens.

The main thing we need is more samples, so if anyone wants to help, instructions about how to dump your firmware are here.

Stay tuned.

Wednesday, August 29, 2018

_Fourth_ Lenovo Rootkit variant

Hi folks,

As our ROM analysis tools continue to improve, we find more "interesting" things. Today, we seem to have found a fourth Lenovo Rootkit variant.

Admittedly, it might not be. It might be just unfortunately named (NovoSecEngine2), but it does seem to share about 97% of the code of some of the other variants, so it looks pretty suspicious.

If you read my other blogs, you will know that two of the variants had 0 detections, and one had a single detection, and unsurprisingly, this one has 0 out of 57 detects.

Again, it's important to understand that I am not suggesting that Lenovo did anything wrong. I think they were completely innocent, and just trying to make their products more secure, and I must emphasize that there is no reason to think any of these are still in circulation, unless someone hasn't updated their firmware.

It's simply instructive that there seem to be four variants, when everyone thought there was just one.

One wonders what else we will find.

Stay tuned.

Wednesday, August 22, 2018

Instructions on how to dump your firmware

Hi folks,

A number of people have asked me how they can participate in firmware gathering, and the short answer is, "Dump your firmware, and upload it to us, at https://armor.ai".

As you might expect, the actual answer is a little longer, so here are the instructions for firmware dumping...

On a Mac running High Sierra, it's easy, because there is a built-in command, eficheck. Here are the steps:

1) Open up a terminal

2) This command saves system's EFI firmware, type:

sudo /usr/libexec/firmwarecheckers/eficheck/eficheck --save -b YourFilenameOfChoice.bin

3) This command overwrites EFI variables portions, scrubbing any privacy-sensitive bits, enabling the image to be shared for analysis, type:

sudo /usr/libexec/firmwarecheckers/eficheck/eficheck --cleanup -b YourFilenameOfChoice.bin

4) upload firmware.bin to https://www.armor.ai/scan

Windows is trickier. There are a number of ways, but currently, the easiest seems to be these steps:

Either, (a) download your own version of ChipSec from https://github.com/chipsec, read the manual, and make your own zips, or (b) Download a version of ChipSec and an EFI shell from my DropBox (my EFI shell is set for an x86 machine)

https://www.dropbox.com/s/hyftzcttq14pm2p/chipsec.7z?dl=0
https://www.dropbox.com/s/7982bi2qrkhkosh/efi.7z?dl=0

and unzip each of those into the root of the thumb drive, and then:
(1) Boot your computer into BIOS, and turn off secure boot
(2) Boot into the thumb drive. This should bring up an EFI shell, that looks a lot like old MsDOS, but is neither Dos nor a Linux shell. It brings up a command prompt that says, “Shell>”
(5) You need to get into the root directory of the thumb drive, by typing FS0:
(I have seen machines where the thumb drive came up as FS1:, and even FS2:, but generally, it’s FS0:)
(6) You should then be able to do a Dir or LS, and see the Chipsec directory, and an EFI directory.
(7) Change directory to chipsec ... cd \chipsec
(8) type: python chipsec_util.py spi dump filename.bin
(9) type: exit

That should allow you to boot back into BIOS, and turn secure boot back on, and then boot to your OS, and upload the captured file to https://www.armor.ai/scan

Be sure to put your email into the webpage, because some analyses take a while, and your email will allow us to send it to you, when it is complete.

Thanks in advance for your help