Blue Pill: The first effective Hypervisor Rootkit

Summary: Unlike SubVirt which relied on commercial virtualization technology like VMware or Virtual PC, Blue Pill uses hardware virtualization and allows the OS to continue talking directly to the hardware. Commercial virtualization software has to emulate full I/O functionality from storage to networking to video and it would be exceedingly simple to detect driver changes. Furthermore, it would take a fairly complex physical to virtual migration to get SubVirt installed on the system. Blue Pill on the other hand can do an on-the-fly install and simply shift your Operating System from direct control of the physical computer to a virtualized state living under the control of Blue Pill. Blue Pill then acts as an ultra-thin Hypervisor that lies dormant most of the time using virtually zero overhead and waits for "interesting" events such as keyboard input.

I had a chance to sit down with Polish security researcher Joanna Rutkowska of Singapore-based COSEINC after Black Hat 2006 last week, and we discussed her research on a whole new class of rootkit technology along with her work on bypassing Vista x64's security. Rutkowska has come up with a class of rootkits unlike anything we've seen before, one that requires a whole new way of detecting rootkits.

Blue Pill is the name that Rutkowska gave to this new breed of rootkits, which take advantage of AMD's Pacifica virtualization technology called SVM (Secure Virtual Machine), though future versions will be ported to Intel VT-x virtualization technology [UPDATE: Dino Dai Zovi actually independently created a Hypervisor VT-x based rootkit]. The "blue pill" references one of the pills offered to our hero Neo in the movie "The Matrix". The blue pill washes away all desire to know the truth and would have allowed Neo to go on with his life as Mr. Anderson, the respectable programmer living inside the virtual world of the Matrix being exploited by the Machines. The "red pill" was the antidote that wakes someone up from the Matrix to escape slavery. Blue Pill the rootkit is actually more potent than the blue pill in the movie, because the rootkit doesn't just keep you locked in the Matrix; it actually reaches out and hijacks you from the physical world into the virtual world.

While this isn't the first time someone has come up with the Hypervisor-rootkit concept (Microsoft Research's SubVirt was the first), Blue Pill truly appears to be the first effective Hypervisor-rootkit by a long shot. Unlike SubVirt, which relied on commercial virtualization technology like VMware or Virtual PC, Blue Pill uses hardware virtualization and allows the OS to continue talking directly to the hardware. Commercial virtualization software has to emulate full I/O functionality from storage to networking to video, and it would be exceedingly simple to detect the driver changes. Furthermore, it would take a fairly complex physical-to-virtual migration to get SubVirt installed on the system.

Blue Pill, on the other hand, can do an on-the-fly install and simply shift your Operating System from direct control of the physical computer to a virtualized state living under the control of Blue Pill. Blue Pill then acts as an ultra-thin Hypervisor that lies dormant most of the time, using virtually zero overhead (on most tasks), and waits for "interesting" events such as keyboard input. Once keyboard input is tapped, any password entered into the computer can be key-logged with ease. Blue Pill can also interact with the network interface, though it doesn't attempt to virtualize the entire interface like VMware or Virtual PC do. The video and storage subsystems are untouched and can talk directly to the hardware, which allows for zero degradation in video and storage performance. Because Blue Pill makes no modifications to the BIOS or hard drive and resides outside of the virtual machine where the hijacked OS lives, it's virtually impossible to detect with conventional software methods running on the victim PC. In part 2 of this blog, I'll go more in-depth into possible Blue Pill detection methods.

While there is an upside in stealth by avoiding a hard drive install, the downside of course is that Blue Pill does not persist across a reboot. But servers really don't reboot all that much, and even when they do, the damage has already been done and the password has probably already been logged from the keyboard entry. Once the password is known, the hacker can probably get back into the network and simply reinstall Blue Pill on the fly. Furthermore, Rutkowska is also working on emulated shutdowns and reboots. If she is successful, it will leave you wondering whether you really did reboot or whether it was a Blue Pill emulated restart. For those of us who are paranoid, you might want to start thinking about yanking the power cord during reboots.

Talkback

18 comments
  • Wow...

    w00t!
    CTSTechs.com
  • I think this has been debunked

    http://tocm.blogspot.com/2006/07/spend-more-time-reading-less-time.html#comments

    Arthas
    JamesNT
    • More Fuel to the Blog Fire

      http://www.virtualization.info/2006/08/debunking-blue-pill-myth.html


      Although I don't know how I feel about using Blogs for resources. I rather have Wikipedia.
      nucrash
    • Careful about that

      I was very skeptical of the claims initially until I researched this. Yes I read the Xen developer's blog too and I'll discuss it in part 2 of this blog. But I would be very careful of dismissing this. As I said in the blog, it's 100% undetectable through conventional means. The external time source would actually have to use an encrypted time protocol or you'll have to use a stop watch which isn't really a practical solution.

      Anyways, more on this in part 2.
      georgeou
      • Maybe George, but bluepill is not at the stage required yet

        to be 100% undetectable if you believe Anthony Liguori.

        Taken from virtualization.info (http://www.virtualization.info/2006/08/debunking-blue-pill-myth.html):
        "All it does is turn on SVM, and set up a small piece of memory that is called periodically. It makes no attempt, currently, to hide that memory from the operating system so one could simply search all of physical memory.
        However, even if she builds a full VMM with proper memory protection (which is no small task), there would still be a way to detect it."

        ...

        "She would have to get Blue Pill to the point where it was as good of a VMM as Xen or VMware ESX. That's no small task!"

        Sounds to me like discussions are based around what bluepill MIGHT be, rather than what it ACTUALLY is.
        Scrat
  • Very Nice Indeed

    Right now, I would assume the only way to detect whether or not a blue pill was installed was to run a network traffic monitor at the gateway and look for any abnormal traffic going to unknown IPs.

    As noted though, this takes an AMD processor at the moment. In time there will be an Intel counterpart.

    There are some major points missing from her Blue Pill to make it effective as an exploit. However, she has cracked a major portion of what could be one of the stealthiest exploits to date. Packet sniffers will become very handy here very shortly.
    nucrash
  • Great Article George

    Let's get to the 'skinny', namely Blue-Pill detection methods!

    This Pacifica/VT technology is really a 'new frontier'.

    Another one outta the ball park!

    Thanks George.
    D T Schmitz
  • Complete bunk!

    Details here: http://www.virtualization.info/2006/08/debunking-blue-pill-myth.html

    This is one of the guys who helped write the Xen hypervisor.
    Robert Crocker
    • Read the comments at the bottom of that article...

      Before you call it "complete bunk"
      CTSTechs.com
      • You mean this one?

        "Here's a concrete example. On normal hardware, say the rdmsr instruction takes 10 cycles. Under Blue Pill, it would take at least 1000 cycles (which is a difference of two orders of magnitude).

        Let's then say that there is a 0.5 second uncertainty with an NTP server on average. This means the time you get from the NTP may be off by +0.5 or -0.5 seconds by the time you get around to processing it.

        If you knew that an rdmsr loop would last for 2 seconds if you ran it N times (imagine the OS calibrates this loop upon installation), then if you ran it on native and used NTP to time it, you'd get anywhere from 1.5 to 2.5 seconds as the time it took.

        Under Blue Pill however, when you ran the same loop, you'd observe that it took anywhere from 199.5 to 200.5 seconds. Clearly, such an extreme difference is an indicator that something is wrong."

        We're talking two orders of magnitude difference in timing. (The times are arbitrary but the orders of magnitude are the crucial item.)
        Robert Crocker
        • Sounds like the COMMENT might be bunk

          Two orders of magnitude is a lot to miss.

          And bear in mind that all of these people critiquing Blue Pill have yet to actually put their hands on it.

          Right now, you're all counting angels on a pinhead. Wait until someone uses the technique to spread an undetectable worm. (Of course, that will probably be done by a man, so people will listen.)
          escoles@...
          • Not at all

            First off the "commenter" in question previously stated:
            "rby,

            I actually discussed this with Joanna on her blog prior to her giving any talks.

            The actual amount of time differences is not important here, it's the ratio of the two times that's important. A hypervisor exit will take thousands of cycles so the difference is orders of magnitude."

            Plus it's a comment from the person who was interviewed for the article and being a designer for Xen happens to know a thing or two about virtualization.

            The timing difference is related to the fact that while the command in question is quite fast, the process of invoking and exiting the hypervisor are slow in comparison because of additional overhead needed to deal with the requirements of potentially more than one OS competing for resources.
            Robert Crocker
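The rdmsr-loop argument quoted in the comments above, worked through as an added example (not code from the article or from any commenter). It uses CPUID rather than RDMSR because RDMSR is privileged and faults in user mode, takes CLOCK_REALTIME as an assumed stand-in for the NTP-disciplined external clock, and assumes x86 hardware with GCC or Clang; the baseline of 2.0 s and the threshold ratio of 10 are illustrative assumptions, not measurements.

```c
// Added example, not code from the article or any commenter: the timing check
// from Liguori's quoted comment. An intercepted instruction costs a VM exit
// (thousands of cycles) instead of tens, so a loop calibrated on clean hardware
// runs ~100x longer under a thin hypervisor. CPUID stands in for RDMSR (RDMSR is
// privileged and faults in user mode; both are commonly intercepted).
#define _POSIX_C_SOURCE 200809L
#include <stdint.h>
#include <stdio.h>
#include <time.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
static void probe_instruction(void) {   // one CPUID, result discarded
    unsigned int a, b, c, d;
    __get_cpuid(0, &a, &b, &c, &d);
}
#else
static void probe_instruction(void) {}  // non-x86: nothing to probe
#endif

// Wall-clock seconds for N probes. CLOCK_REALTIME is an assumption standing in
// for the comment's NTP-disciplined external clock; the TSC is avoided because
// a hypervisor can skew what the guest reads from it.
double time_probe_loop(uint64_t iterations) {
    struct timespec t0, t1;
    clock_gettime(CLOCK_REALTIME, &t0);
    for (uint64_t i = 0; i < iterations; i++) probe_instruction();
    clock_gettime(CLOCK_REALTIME, &t1);
    return (double)(t1.tv_sec - t0.tv_sec) + (double)(t1.tv_nsec - t0.tv_nsec) / 1e9;
}

// Flag only if the slowdown exceeds min_ratio even in the case most favourable
// to the hypervisor (observed at its lowest, calibrated at its highest within
// the clock uncertainty). min_ratio 10 is an assumed threshold, one order of
// magnitude, well below the two orders the comment expects.
int timing_anomaly(double calibrated_s, double observed_s, double uncertainty_s, double min_ratio) {
    double lowest_observed = observed_s - uncertainty_s;
    double highest_native = calibrated_s + uncertainty_s;
    if (highest_native <= 0.0) return 0;
    return lowest_observed / highest_native >= min_ratio;
}

int main(void) {
    const uint64_t n = 1000000;    // pick so a clean native run takes a few seconds
    const double baseline_s = 2.0; // stored at install time; 2.0 s is the comment's figure
    double secs = time_probe_loop(n);
    printf("%llu probes: %.3f s vs baseline %.1f s: %s\n", (unsigned long long)n, secs, baseline_s,
           timing_anomaly(baseline_s, secs, 0.5, 10.0) ? "ANOMALY" : "within expected range");
    return 0;
}
```

With the comment's figures (2 s native, 200 s trapped, 0.5 s clock error) the worst-case ratio is still about 80, so the check fires; a run that is merely a few times slower stays inside the uncertainty and is not flagged.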
  • Detection

    Having read the article and the posts by the Xen developer, I'd have to agree that an external timing source would allow you to detect that your system has been compromised. Simply running a machine code instruction enough times should allow you to detect it with your wristwatch.

    Given that it's not truly undetectable, it just joins the rest of the malware.
    TonyMcS
    • Don't dismiss it right off the bat

      I was very skeptical of the claims initially until I researched this. Yes I read the Xen developer's blog too and I'll discuss it in part 2 of this blog. But I would be very careful of dismissing this. As I said in the blog, it's 100% undetectable through conventional means. The external time source would actually have to use an encrypted time protocol or you'll have to use a stop watch which isn't really a practical solution.

      Anyways, more on this in part 2.
      georgeou
      • Not dismissing it

        Not entirely dismissing it, as the BIOS and the OS are really just software loaded onto the hardware and the distance we've moved from the hardware does probably open some virtual holes.

        And a stopwatch would work with enough iterations, but you could also use external devices to read the stuff off the display emissions or just plug your display out cable into a black box. Essentially you just need to run the app and measure the time, an external black box just needs to know the start and end, but you could essentially do the same thing with a stop watch or just count in your head. However, given that you would have to disable interrupts to prevent all those other pesky apps taking time slices, it's probably not an everyday solution ;-)

        Anyway, is this really necessary with all the social engineered malware and the certainty that a large proportion of the population would click on a DONTCLICKME.BAT file that could wreak any amount of damage?

        Hardware abstraction has brought many benefits but it may also cause some serious problems. Interesting to know what they'll do about it.
        TonyMcS
  • Software-based hypervisors

    will always be vulnerable to some sort of attack. Hardware (ROM)-based hypervisors (like IBM's) are much harder to attack (if they can be attacked at all). I'm just waiting for InHell to come along and offer a hardware-based virtualization solution - and say goodbye VMWare, M$, and Xen.
    Roger Ramjet
    • Hardware virtualization is part of the equation

      Xen's "paravirtualized" kernels or Microsoft's
      "enlightened" kernels perform much better than hardware CPU virtualization. VMware is currently using full emulation which is the slowest method but VMware's hypervisor is mature and well past the vapor/beta stage. That will change drastically in 2007.
      georgeou