Security researchers over at ESET have shown that UEFI rootkits are no longer a theoretical topic for discussion at conferences. Advanced persistent threat group Sednit, otherwise known as Fancy Bear, Strontium, Sofacy, among other names, has found a way to modify the contents of flash memory where the UEFI is stored.
Unlike traditional malware that is installed to a hard drive, components of LoJax malware were discovered in the firmware that helps load an operating system. Colloquially, UEFI is sometimes still referred to as the BIOS of a machine. Formatting and replacing a hard drive does nothing to stop malware hidden away in flash memory on a motherboard. Although it is possible to scan UEFI contents, it is still not a common practice. The only way to remove malware discovered in UEFI is to flash the firmware with a legitimate copy.
Sednit group has been in business since at least 2004 and may have been the same group responsible for hacking Democratic National Committee servers before the 2016 elections.
As part of the LoJax malware, a kernel driver is used to gain access to UEFI settings. The driver in question is bundled with a piece of software called RWEverything that is a legitimate application for reading low-level system information. It has a valid code-signing certificate and is not a problem under normal conditions. This driver is merely used to obtain information about a target system.
A second piece to the puzzle grabs a copy of the SPI flash memory where the UEFI is stored. A third tool is then used to inject a malicious module into the stored copy and write it back to the flash memory. Each platform has unique protections in place, but the patching tool is able to bypass many through a variety of clever workarounds.
The only purpose of the UEFI malware discovered is to drop additional malware onto a system at the time of boot and execute it upon startup.
There is some very good news though about how to remain safe against this type of exploit. Enabling Secure Boot is believed to prevent the attack from working because the modified firmware is unsigned. Secure Boot requires that all firmware is properly signed in order to execute.
Additionally, the attack only works on UEFI configurations that have vulnerabilities present. Many newer chipsets that have the Platform Controller Hub Intel added to the Series 5 chipsets in 2008 are already immune to this discovered rootkit.
Regular end users have little to worry about, but governments around the world are known for running outdated systems. Select organizations in the Balkans and in Central and Eastern Europe were found to be targeted by Sednit group using their extensive knowledge of exploits.