New TrickBot version can tamper with UEFI/BIOS firmware

New TrickBot feature scares security researchers.

bios-uefi-firmware-code.png

The operators of the TrickBot malware botnet have added a new capability that can allow them to interact with an infected computer's BIOS or UEFI firmware.

Security

The malware that usually installs ransomware and you need to remove right away

If you see any of these malware strains on your enterprise networks, stop everything you're doing and audit all systems.

Read More

The new capability was spotted inside part of a new TrickBot module, first seen in the wild at the end of October, security firms Advanced Intelligence and Eclypsium said in a joint report published today.

The new module has security researchers worried as its features would allow the TrickBot malware to establish more persistent footholds on infected systems, footholds that could allow the malware to survive OS reinstalls.

In addition, AdvIntel and Eclypsium say the new module's features could be used for more than just better persistence, such as:

  • Remotely bricking a device at the firmware level via a typical malware remote connection.
  • Bypassing security controls such as BitLocker, ELAM, Windows 10 Virtual Secure Mode, Credential Guard, endpoint protection controls like A/V, EDR, etc.
  • Setting up a follow-on attack that targets Intel CSME vulnerabilities, some of which require SPI flash access.
  • Reversing ACM or microcode updates that patched CPU vulnerabilities like Spectre, MDS, etc.

But the good news is that "thus far, the TrickBot module is only checking the SPI controller to check if BIOS write protection is enabled or not, and has not been seen modifying the firmware itself," according to AdvIntel and Eclypsium.

"However, the malware already contains code to read, write, and erase firmware," the two companies added.

Researchers say that even if the feature has not been deployed to its full extent just yet, the fact that the code is present inside TrickBot suggests its creators plan to use it in certain scenarios.

Appropriate cases may include the networks of larger corporations where the TrickBot gang may not want to lose access and may want to leave behind a more powerful boot-level persistence mechanism.

This module could also be used in ransomware attacks, in which the TrickBot gang is often involved by renting access to its network of bots to ransomware crews.

trickbot-ransomware.png

Image: AdvIntel

If companies who had their networks encrypted refuse to pay, the TrickBot module could be used to destroy their systems, AdvIntel and Eclypsium said.

Or the module could also be used to prevent incident responders from finding crucial forensic evidence by crippling a system's ability to boot-up.

"The possibilities are almost limitless," AdvIntel and Eclypsium said, highlighting TrickBot's many different areas where it also helps its customers operate.

trickbot-enterprise.png

Image: AdvIntel

Feature powered via publicly available code

But the addition of this feature to the TrickBot code also marks the first time that UEFI/BIOS tampering capabilities are seen in common financially-motivated malware botnets.

Prior to today's report, the only malware strains known to have the ability to tamper with UEFI or BIOS firmware were LoJax or MosaicRegressor.

Both are malware strains developed by government-sponsored hacking groups -- LoJax by Russian hackers and MosaicRegressor by Chinese hackers.

But according to Eclypsium, a company specializing in firmware security, the TrickBot gang didn't develop its code from scratch. Its analysis suggests the gang has instead adapted publicly available code into a specialized module they could install on infected systems via the first-stage TrickBot loader.

"Specifically, TrickBot uses the RwDrv.sys driver from the popular RWEverything tool in order to interact with the SPI controller to check if the BIOS control register is unlocked and the contents of the BIOS region can be modified," Eclypsium said.

"RWEverything (read-write everything) is a powerful tool that can allow an attacker to write to the firmware on virtually any device component, including the SPI controller that governs the system UEFI/BIOS," Eclypsium said. "This can allow an attacker to write malicious code to the system firmware, ensuring that attacker code executes before the operating system while also hiding the code outside of the system drives."

New feature added after failed takedown attempt

But the timing in the discovery of this new TrickBot feature is also something to take note of. It comes as TrickBot is slowly coming back to life after a failed takedown attempt.

Over the past few weeks, TrickBot operations have seen a flurry of updates, from new obfuscation techniquesnew command-and-control infrastructure, and new spam campaigns.

All of these updates are aimed at reviving and shoring up one of today's largest cybercrime-as-a-service botnet operations, which in its heyday, was controlling more than 40,000 infected computers each day.

Sherrod DeGrippo, Senior Director for Threat Research and Detection at Proofpoint, told ZDNet that Proofpoint "has not observed a significant change in the Trick volumes despite the disruptive activities by US Cyber Command and the Microsoft-led coalition."

For now, TrickBot doesn't only appear to have survived the takedown attempt, but is actually coming back to life with stronger features than before.

"Every actor responds to changes in their operational environment differently," DeGrippo added.

"[TrickBot] has demonstrated that its botnet is resilient to disruptive actions by governments and security vendors; however, it is not immune to future disruption. We anticipate a higher velocity of infrastructure changes and malware updates to occur in the near term."