Background
On May 31, 2023, an article titled "Millions of PC Motherboards Sold with Firmware Backdoors" was published [1], which caught the attention of QiAnXin Threat Intelligence Center.
Researchers from Eclypsium, a security company specializing in firmware, revealed that they had discovered a hidden mechanism in the motherboard firmware sold by the Taiwanese manufacturer Gigabyte. The affected boards are typically used in gaming PCs and other high-performance computers. Eclypsium found that every time a computer with an affected Gigabyte motherboard restarts, code in the motherboard firmware invisibly launches an update program on the computer, which then downloads and executes another program [2].
Eclypsium has stated that although the hidden mechanism can keep the motherboard firmware updated, researchers have found it to be insecure. The mechanism could be hijacked and used to install malicious software instead of Gigabyte's intended program. Additionally, since the update program is triggered by the computer's firmware outside of its operating system, it is difficult for users to remove or even detect it. In this study, Eclypsium researchers listed over 200 affected models of Gigabyte motherboards.
The article attracted the attention of security researchers both in China and abroad after its release. Based on the original text of Eclypsium's article, QiAnXin Threat Intelligence Center has reviewed and analyzed this incident, assessed its impact through TIP, and finally produced an overall analysis of the event.
Analysis and Interpretation of Eclypsium Original Article
(1). Key Findings
1. Eclypsium found that the firmware on Gigabyte systems drops and executes a Windows binary during the Windows boot process.
2. This binary can download and execute further payloads from the Internet, and the download channel does not guarantee their integrity.
(2). Communication Domain Name
The released Windows executable is a .NET application that downloads and executes executable payloads from one of the following domain names, depending on its configuration.
(3). Execution Process
Eclypsium's preliminary analysis of the affected UEFI firmware identified the following file:
| Field | Value |
|---|---|
| Name | wpbbin.exe |
| MD5 | 015654475E4A6F923D9A7FB96F05EAC9 |
| Size | 1209656 bytes |
| Creation Time | 2022-10-21 07:15:51 UTC |
The file is embedded in the UEFI firmware volume with the GUID AEB1671D-019C-4B3B-BA00-35A2E6280436. The executable is carried inside the UEFI firmware and written to disk as part of the system boot process, a technique commonly used by UEFI implants and backdoors.
During the UEFI firmware boot stage, the "WpbtDxe.efi" firmware module uses the GUID above to load the embedded Windows executable into memory and installs it into the WPBT ACPI table that is about to be published; during Windows startup the Windows Session Manager Subsystem (smss.exe) then executes it. Before installing the executable into the WPBT ACPI table, the "WpbtDxe.efi" module checks whether the "App Center Download and Install" feature is enabled in the BIOS/UEFI settings. Although this setting appears to be disabled by default, it was found enabled on the systems examined by Eclypsium researchers.
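As an added defender-side example (not code from the Eclypsium or QiAnXin analyses), the following parser reads the WPBT ACPI table that hands a binary to smss.exe, following the table layout in Microsoft's WPBT specification; the sample table it builds is constructed here (OEM strings and physical address are invented, the size mirrors the wpbbin.exe entry above), and the live read uses kernel32's GetSystemFirmwareTable on Windows.

```python
import struct
from dataclasses import dataclass
from typing import Optional

WPBT_FIXED_LEN = 52  # 36-byte ACPI header + size(4) + address(8) + layout(1) + type(1) + args length(2)

@dataclass
class WpbtTable:
    oem_id: str
    binary_size: int       # handoff memory size: bytes of the embedded PE image
    binary_paddr: int      # physical address where the firmware left that image
    content_layout: int    # 1 = a single PE image
    content_type: int      # 1 = native user-mode application, launched by smss.exe
    arguments: str         # command line handed to that application
    checksum_ok: bool      # ACPI rule: all bytes of the table sum to 0 mod 256

def parse_wpbt(blob: bytes) -> WpbtTable:
    """Parse a raw WPBT table as returned by GetSystemFirmwareTable or an ACPI dump."""
    if len(blob) < WPBT_FIXED_LEN or blob[:4] != b"WPBT":
        raise ValueError("not a WPBT table")
    length = struct.unpack_from("<I", blob, 4)[0]
    if length < WPBT_FIXED_LEN or length > len(blob):
        raise ValueError("declared table length is inconsistent with the buffer")
    body = blob[:length]
    oem_id = body[10:16].decode("ascii", "replace").rstrip("\x00 ")
    size, paddr, layout, ctype, args_len = struct.unpack_from("<IQBBH", body, 36)
    args = body[WPBT_FIXED_LEN:WPBT_FIXED_LEN + args_len].decode("utf-16-le", "replace")
    return WpbtTable(oem_id, size, paddr, layout, ctype, args.rstrip("\x00"), (sum(body) & 0xFF) == 0)

def build_sample_wpbt(args: str = "", size: int = 1209656, paddr: int = 0x7A000000) -> bytes:
    """Constructed sample table (not a real dump); size mirrors the wpbbin.exe entry above."""
    arg_bytes = (args + "\x00").encode("utf-16-le")
    hdr = struct.pack("<4sIBB6s8sI4sI", b"WPBT", WPBT_FIXED_LEN + len(arg_bytes), 1, 0,
                      b"SAMPLE", b"SAMPLE01", 1, b"TEST", 1)
    body = hdr + struct.pack("<IQBBH", size, paddr, 1, 1, len(arg_bytes)) + arg_bytes
    checksum = (-sum(body)) & 0xFF               # header byte 9 makes the whole table sum to 0
    return body[:9] + bytes([checksum]) + body[10:]

def read_wpbt_windows() -> Optional[bytes]:
    """Fetch the live WPBT table from the firmware via kernel32 (Windows only, no admin needed)."""
    import ctypes
    k32 = ctypes.windll.kernel32
    acpi = int.from_bytes(b"ACPI", "big")         # provider signature 'ACPI' = 0x41435049
    wpbt = int.from_bytes(b"WPBT", "little")      # table id is the signature in memory order
    needed = k32.GetSystemFirmwareTable(acpi, wpbt, None, 0)
    if needed == 0:
        return None                               # no WPBT table: nothing is handed to smss.exe
    buf = ctypes.create_string_buffer(needed)
    k32.GetSystemFirmwareTable(acpi, wpbt, buf, needed)
    return buf.raw
```

On a Windows host, `parse_wpbt(read_wpbt_windows())` reports whether a WPBT table is present and how large the binary it delivers is; a non-empty result on a machine whose owner expects none is worth investigating.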
The executable then drops GigabyteUpdateService.exe into the %SystemRoot%\system32\ directory and registers it to run as a Windows service. That service in turn extracts another Windows executable from its resource section. This file is a .NET application that contacts the server to download and execute the update program.
Code Analysis
Based on the files disclosed by Eclypsium, we can verify the potential OEM backdoor through code analysis alone, without access to a Gigabyte motherboard. The initially disclosed executable carries a valid Gigabyte signature.
Upon execution, this executable uses the Windows Native API to write its embedded executable to the %SystemRoot%\system32\ directory under the name GigabyteUpdateService.exe.
Next, it sets a registry entry to run GigabyteUpdateService.exe as a Windows service.
Within the service function of the GigabyteUpdateService.exe executable, it extracts a .NET executable from the resource section.
Finally, it launches the .NET executable via the CreateProcessAsUserW function, passing different parameters depending on the scenario.
Within the .NET executable's callback function, a switch/case structure dispatches to the different branches.
When the parameter "DownloadAndInstall" is passed, it requests a specified update program from the server. The download URL may use either HTTP or HTTPS.
Unfortunately, the downloaded program is executed without any verification.
The code analysis confirms the point made in the Eclypsium article: plain HTTP must never be used to fetch privileged code, as it is susceptible to man-in-the-middle (MITM) attacks. Even when the HTTPS option is used, the remote server's certificate is not validated.
Impact Analysis
Eclypsium researchers have identified over two hundred affected Gigabyte motherboard models, and reports from foreign media indicate that the number of affected motherboards reaches into the millions.
A query of QiAnXin's Threat Intelligence Platform (TIP) for the update domain mb.download.gigabyte.com shows a significant volume of client access.
Since this domain may also host other Gigabyte update services, QiAnXin's data-based assessment puts the number of affected machines worldwide at no fewer than several hundred thousand.
Conclusion
Code analysis of the potential backdoor in Gigabyte systems shows that no effective verification is performed when the update program is downloaded. Moreover, using the HTTP protocol for downloads makes the process susceptible to man-in-the-middle (MITM) attacks, which can be mounted from infected routers, infected devices on the same network segment, DNS poisoning, or other network manipulation. It is worth noting that the third connection option in the potential backdoor code, "https://software-nas/Swhttp/LiveUpdate4," is not a fully qualified domain name but most likely a machine name on the local network. This means that an attacker on the local subnet can redirect the implanted program to connect to their own system without any DNS spoofing.
Historically, there have been numerous attacks abusing OEM potential-backdoor mechanisms of this kind, some involving APT groups. This highlights the severe consequences of inadequate security in OEM low-level code.
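To make the weaknesses named in the code analysis and the conclusion above concrete, here is an added example (written in Python for illustration; the real updater is a .NET application and this is not its code) of the download policy a privileged updater should enforce: HTTPS only with default certificate validation, an allowlist of fully qualified update hosts (mb.download.gigabyte.com from the TIP query is assumed to be the legitimate one), rejection of single-label hosts such as "software-nas", and a digest check before anything is executed.

```python
import hashlib
import ssl
import urllib.request
from typing import Tuple
from urllib.parse import urlparse

# Assumed allowlist for this example: the update host named in the impact analysis above.
TRUSTED_UPDATE_HOSTS = {"mb.download.gigabyte.com"}

def validate_update_url(url: str) -> Tuple[bool, str]:
    """Refuse each kind of download source the analysed updater accepted without question."""
    u = urlparse(url)
    if u.scheme != "https":
        return False, "plain HTTP (or other scheme): modifiable by any on-path attacker"
    host = (u.hostname or "").lower()
    if "." not in host:
        return False, "single-label host such as 'software-nas': resolved on the local subnet"
    if host not in TRUSTED_UPDATE_HOSTS:
        return False, f"host {host!r} is not an allowlisted update server"
    return True, "ok"

def verify_payload(data: bytes, expected_sha256: str) -> bool:
    """Integrity gate the analysed updater lacks: the digest must match before anything runs.
    The expected digest must come from a trusted source (e.g. a signed manifest or the
    signed updater itself), never from the same unauthenticated channel as the payload."""
    return hashlib.sha256(data).hexdigest() == expected_sha256.lower()

def fetch_update(url: str, expected_sha256: str, timeout: float = 30.0) -> bytes:
    """Download an update only over verified TLS from an allowlisted host, then check its digest."""
    ok, why = validate_update_url(url)
    if not ok:
        raise ValueError(f"refusing {url}: {why}")
    ctx = ssl.create_default_context()   # verifies the chain and hostname; never use CERT_NONE
    with urllib.request.urlopen(url, context=ctx, timeout=timeout) as resp:
        data = resp.read()
    if not verify_payload(data, expected_sha256):
        raise ValueError("update digest mismatch: refusing to execute")
    return data
```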
Reference Links
[1]. https://www.wired.com/story/gigabyte-motherboard-firmware-backdoor/
[2]. https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/