3:16 To terminate the UEFI services, the bootloader/kernel calls ExitBootServices, which is helpfully provided by the UEFI firmware itself - so the kernel cannot in fact shut down a malicious UEFI implementation, it can just ask it nicely to shut itself down
If this UEFI malware is really sophisticated, I imagine it’s theoretically possible it could reinsert itself into the image when you update, or just fake the update. Now that would be neat / horrifying.
@@SaitoShepherd Not really, there are hw programmers for BIOSes, they are like $20. You can also swap the BIOS chip (in the last decade it was easy, nowadays they are soldered iirc)
@@SviatoslavDamaschin BIOS chips aren't BGA though, so while they still take some soldering skill, it's nothing close to the level necessary to solder BGA components.
A couple months ago, I ordered an Asus board from Newegg and I didn't notice it wasn't shipped by Newegg until right after I bought it. It arrived in a white box. I emailed the seller to inform them that I ordered a new motherboard, but they sent me a used one that wasn't even the correct model (didn't have WiFi). The seller told me that it was okay because I could trust their quality and they made sure to test it and they would also send me cash in the mail. They also told me not to send it back as the item wasn't eligible for a refund and they would charge me $25 if I sent it back. After over a month of going back and forth with Newegg, I managed to get a refund. I wonder if they were sending me an infected board?
After the Gamers Nexus fiasco, the only thing I use NE for is checking HW to buy elsewhere. (NE even gives me a hard time over my VPN.) And with Amazon being goofy with their delivery times (at least here), I just get what I can from Micro Center.
9:16 And this is why I'm glad you informed everyone about the Intel Management Engine and the AMD Platform Security Processor, Windows 11 requiring a TPM (and generally being Spyware already) as those two things alone have already reduced our trust in the hardware our computer has, and the software they (either the government or the tech companies) want us to use. You are performing a wonderful public service by informing the public, thank you.
Dear Mental Outlaw, the scariest thing about this is when you described how it must be a man-in-the-middle attack performed after the manufacturing and before the end user receives it. The scary part is that if any of the alphabet boys were suspicious of someone and wanted to get easy info on them, they could see that they're trying to order a motherboard or other computer part and legally intercept it before shipping in order to install infected firmware. This is a terrifying idea that renders online purchases insecure, unlike in a store where the motherboards are already there. It's not a stretch to imagine that some Asian country like the PRC created and/or installed this malware with or without ASUS's knowledge (as you said, this mainly occurred in Asia).
Online shipping is safe; no one can open the package before it reaches the user or the company would lose reputation. More likely someone must have had to break into the storage room and manually insert the malware into the PC if the product has a waiting time before delivery like days or weeks. A company would have the worst security to let someone do that regardless of waiting time. They can't steal the package when it's being sent to the client, as any delay is noticeable, and they can't possibly be employees of the same company doing it. It must be a shady criminal business doing it.
This is why when embassies, etc, want to buy hardware (or printer cartridges for example) they send someone to a physical store some distance away to pick one off the shelf at random.
PSA: In some brands of notebooks you can NOT reset the BIOS password by removing a battery or with a jumper. The password is stored in an exclusive partition of the UEFI NAND/NOR chip itself, which is non-volatile memory. Updating/flashing the BIOS through normal means will not remove the password either, since the manufacturer makes it so that updating the firmware will only write over the UEFI partition, leaving a partition made exclusively to keep the password alone. The only way to remove the password is by using an EEPROM programmer and having a backup of the whole UEFI chip content that doesn't have a password (some people know how to patch the ROM to remove the password, so you may not need the password-free backup). A brand that I'm aware is like this is LENOVO. In short, be sure not to forget your notebook BIOS password and remember to remove it before selling it.
Thinking about it, computer distribution in general is in a very barbaric state. When you are buying a PC, you are literally buying a cat in a bag: no manufacturer seals, no holographic stamps from the factory. Security of the computer supply chain is very important; it needs to be treated like we do with alcohol or medicine: no tampering from the factory conveyor belt onward, period. I live in Asia and I just recently bought an ASUS motherboard that falls directly under the criteria. The problem is, reflashing is done by the motherboard itself; where is the guarantee that the reflashing mechanism is also not compromised to reject/modify new flashes?
You can remove the UEFI chip itself and use an external flasher to update the UEFI without even booting up the infected machine, if you want to be sure that it's updating. That is, if you can get a 100% authentic UEFI FILE from ASUS themselves, since ASUS seems to like the idea of updating the UEFI from Windows and not from the UEFI itself. Quick note: the difference between a UEFI updater and a UEFI file is that an updater has all the stuff to write the update to the chip from Windows, and the UEFI file is only the software on the chip itself.
No, you get warranties and assurances, and if those fail, your item can be returned at little to no additional cost. If you buy a used board with an embedded virus, there's not too much you can do right now. Wait a few months and they will have a solution.
@@Auditing102 Regulating sale/installation of BIOS chips doesn't hurt anyone. It ensures greater security coming and going from the factory. Regulation of booze led to confiscation 80 years ago and that's where that backwards statement comes from.
This potential type of problem was one reason for the Libreboot project and the use of the older IBM/Lenovo laptops as they represented one of the last environments with publicly available chipset descriptions etc. and the ability to have an open source bios. Of course as time passes these machines become less usable. We just don't know what we're buying nowadays.
@@TheExileFox IME itself is one of the attack vectors in these persistent exploits, and had even been the cause of multiple UEFI/CPU level persistence incidents already by the time this video was posted.
Great video, really made me think. I recently bought a used router. When I hooked it up to my laptop (offline!) I found that it had an unofficial firmware, remote login was enabled and it had a DynDNS configured 😟 The passwords and SSIDs matched the ones on the sticker so Average Joe would have no idea that the person who sold him the router could have full access to his LAN. I suspect this was done maliciously but have no proof. It's crazy how many ways there are to compromise people's security if they don't know what to look for!
Ah good, a reminder not to buy used routers or probably networking hardware in general, lord only knows I would not catch something like that until it was too late.
@@plasmaoctopus1728 So long as you check things out and do a pinhole factory reset before going online it should be alright but I know what you mean. Use an amnesic OS when you first connect just in case there's malware that can spread via the network. Used stuff is more risky, for sure, but you should do this for new items too if possible. It only takes a few minutes. Remember, even big corporations like Sony install rootkits when they feel like it! 😬
I wouldn’t be surprised a bit if we find out later there is already a back door in hardware from the manufacturer, and they’ll claim it’s for “National Security” and we’ll just say oh you silly geese that’s ok, lol.
mfw I order hardware from China so the chinese government has access to my data but the US government won't (as the Chinese would have incentive to block anybody else from accessing their juicy juicy data)
What the frack do you think Windows 10/11 is? All it has become is one GIANT back door for big daddy government - and YEAH - the hardware manufacturers are ALSO IN ON IT!!!! (Keep wondering why the older computers are becoming more and more coveted - created back before all this crap started to really go down.) Edward Snowden wasn't just talking out of his butt. The US Gov hates him for a very good reason - he blew the whistle on the blatant privacy violations they take against us EVERY DANG SECOND!!!!!!!!! The same thing with all these smart phones people use. It's a microphone that reports right back to big daddy G along with GPS to track your every damn movement.
This is not what the original definition of the "Evil Maid Attack" was (as presented at DEFCON). Instead it's about any sort of reliable access an attacker or agent of an attacker has to the physical premises, such as the groundskeeping or cleaning employees of a large company that has sensitive hardware. MOST IMPORTANTLY, the timeframe is completely different! The original concept is that the attack can be installed (especially for stuff like EMF capturing or leaving malicious hardware) then removed at a later date, like a month later. This way the infiltration of the attack and exfiltration of stolen data/etc. doesn't have to go over the network at all!
Oh boy, so many inaccuracies. 1. You're missing a few layers between ring 0 and UEFI. Namely system management mode is a particularly enticing place to keep your backdoor. 2. Extra chip on the MB is not really viable backdoor as there is no good way for it to boss the CPU around. You'd have to modify RAM content to inject code, but x86 uses several levels of indirection to access RAM and those tables are hardly ever flushed from cache because they're being used *all* the time, so you won't find them in RAM and without them, you're looking at a random scrambling of 4k blocks of memory with no idea what's where. A better example would be a backdoor baked into the CPU's silicon itself. I'm not aware of any in Intel or AMD CPUs, but there have been multiple documented cases with smaller manufacturers. 3. Almost all anti-malware solutions use kernel mode hooks. But also kinda not. When Microsoft introduced PatchGuard (which you mention in the video), they took that ability away. They provided kernel mode scanning APIs for anti-malware products to use instead, but they are limiting and introduce a single point of failure which _has_ been exploited. Now, AV companies _could_ disable PatchGuard, but we choose not to, because fighting a behemoth like Microsoft head-on is not fun. 4. What you're describing is a supply chain attack, not an evil maid attack. Perplexingly, you later describe an evil maid attack correctly, but don't realize it's completely different from what you talked about before. 5. I haven't seen a laptop with a CMOS battery or a clear CMOS jumper in probably two decades. Laptops use flash for storing BIOS/UEFI settings and have no direct way to reset them precisely because by their very nature they are more susceptible to physical tampering. To reset settings on a laptop, you have to hook up a flasher and erase the chip that way.
Thanks for the info. Can you say anything more about the CPU indirectly accessing RAM? I of course know about multi level page tables but I was under the impression that when the CPU views "physical memory", the pages are contiguous in the same way they are on the actual physical hardware.
I think he just wanted to use the Evil maid attack in an example for a while now, it's more visually interesting than a supply chain attack :3 Though far less terrifying IRL tbh. That fucking hit on solarwinds caused my client a lot of fucking heartburn
Re. #2, why would a malicious chip be designed to need the CPU? China pulled it off on Cisco(?) network hardware in the last couple years. US intel also but on other hw, if I remember correctly. But those would only be examples of when it was both discovered and disclosed
rape jokes aren’t funny and you’re really scary for thinking that they are. you calling this “dark humor” is literally the problem with actual dark humor. humor is supposed to be funny too, you can’t just be edgy. hope you’ve done some soul searching bro
At first I thought you said "evil made"... Iirc there are retailers who can reseal factory-sealed boxes, or at least claim they do. When I returned an 8350 (worse performance than my X6), I got an exemption on the restock fee, since they could seal it up themselves. Got myself a 4770K that has been running at 4.3 GHz since that day (it was 1 or 2 months after its release).
Beyond setting a BIOS password, put your laptop in a lockbox with at least two types of locks. Place that inside a wooden puzzlebox. The evil maid can't just smash it to get at the lockbox, because that would be an obvious sign of tampering.
Thank God I'm a BIOS updater. So many people in the tech space are like "NEVER UPDATE YOUR FIRMWARE REEE". I always update my BIOS/UEFI. On old computers that's easy, once and done. On my main desktop, I only do it every couple of months. But I do have an ASUS motherboard. Though if I remember right this was Intel only, right? And you said it was primarily in Asia, so I'm probably okay.
Some old Chromebooks have a screw shorting the WP# pin of the BIOS chip to ground. The chip is forced in read-only mode until you remove the screw. Solves the problem and is easy enough to undo.
@@GhostSamaritan Not sure what you mean. It can read and write to anything in your system, it even runs a full OS. If you meant that the microcode and intel ME itself is read only, as in "can't be updated", that's also incorrect. It can be written to.
Just when you thought malware couldn't be worse, it is found on motherboards. It wouldn't be a big deal if you could just flash a clean firmware to the board but you need to know for sure which ones are clean.
I don't even trust those firmware updates from Windows, but I don't mind and proceed anyway. Ultimately, the best defense is that you don't keep anything of value on your PC, and you are ready to ditch the internet if need be. I have a standby motherboard in any case... ...and got it from another source. Hee hee hee... ...Also, the system linked to sensitive operations is totally secured, and not even in my home. It cannot be infected with motherboard malware, and has 3 layers of security so that any compromise will be easily detected and removed and the system corrects itself, because there is a burned-in physical chip with a burned-in program that cannot be altered by any programming at the final layer. Any attempt triggers an alert and the system realigns itself, keeping everything safe, and work resumes. Super max security. Too bad I don't know the technology behind it. But alien technology to most... ...
I love how this went from a very dangerous malware that's next to impossible to get rid of to hotel maids completely deconstructing my computer so they can put malware on it
1:19 Image says less than Ring 0, which would be Ring -1 and Ring -2. Video says Ring 0. SMM is said to be running in Ring -2, and that's set up as part of the firmware. Although in my opinion, there really isn't much sense in splitting that. And protection-wise, you can usually infect Ring -1 and Ring -2 from Ring 0, which should make clear that there really isn't any special protection going on here. It's just that Ring -1 and Ring -2 are running transparently for the rest of the firmware, so anything there can be hidden away completely from the OS kernel that's running in Ring 0. Intel ME would also likely be considered a lower ring than Ring 0, considering it's running before any OS.
It's funny because my friends, when they buy second-hand phones, don't factory reset them. They think that it's a great idea to accumulate the residues of the last owner.
Buying second hand is actually great because it has an aged IMEI, so while your IMSI will change, it's not a brand new phone, so I think that grants at least a little bit more anonymity for your device. Especially if you register the new prepaid plan in the name of the previous device's owner lol
@@killertigergaming6762 Don't act like you know what you're talking about when you don't. Courts around the western world have upheld the legality of using alias information. You don't even know the definition of fraud, because no one is being defrauded here; you are registering for service with an alias name matching the previous owner and are paying for said service with your own money. Please explain what party in this transaction is exactly being defrauded and how?
Stuff like this is why I buy motherboards with socketed ROM chips, so I can dump them in my programmer in the event of _any_ issues. It's... difficult at times, since there are cycles where no manufacturers make any, and I have to wait a bit, but it's saved my bacon more times than I care to name. This just adds another bullet point to the list of reasons why.
A better solution for that would be something some motherboards did in the past: put the BIOS firmware in a socketed chip. That way, if the thing gets corrupted, you take that chip out and either reflash it or replace it.
"Reflash your board with a known working firmware version" wouldn't work on boards with firmware downgrade protection via eFuses on the chipset, and actually downgrading would brick your board. Just like on Samsung phones, if the malware knows how to toggle the board eFuses, it would instruct them to make it appear as if a legit update has occurred, and up the eFuse array counter. Now your board is locked to the malware-modified BIOS binary... And eFuses are a one-way road; they can't be reverted.
Flashing BIOS doesn't work for competently written SMM and lower attacks. There's persistent flash RAM that isn't overwritten and can be used as a scratch pad. This was used in the wild a little over 5 years ago to gain persistence in AMZN cloud hardware... it was easy to replicate in the lab if you didn't mind risking a few bricked motherboards or processors. But it was difficult to red team. They only got caught because they were sloppy and used the RAM scratch pad as storage for other malware they were developing. Needless to say, the attack and vulnerability were not disclosed; however you could find guides and use them to test the attack on a few security forums that were purged... some of the breadcrumbs for this attack likely still exist. This is a more sophisticated version of the technique in the video but doesn't require physical access... you can do it following a successful privilege escalation attack from user space on an instance you rent, then use the backplane to migrate through the data center. The escalation and attack just require you to run an infected binary that is successful 10% of the time and crashes the server about 60% of the time. This is one of the advanced persistent threats that's basically a zero day since it doesn't require the attacker to gain authorization... after all, it's their instance... repeat this a few times and you're guaranteed persistence in a lot of data centers. Needless to say the story was buried, given AMZN's business relationship with the alphabet Boyz.
I think that PC assembly companies can be ruled out as suspects, since here in Russia (and most of Asia) few people use the services of such companies, as it is too expensive
If you buy chips in bulk, the manufacturer can ship your chip with your code on it, thus saving your factory time flashing it. Makes sense if your code never changes (i.e. BIOS). I suspect it's in that process, as no one is going to diff the hex.
That's why I never liked UEFI in the first place. Why would you want more complicated software layers between the hardware and the operating system? Firmware used to be little, simple and with essential configuration where needed. Now it's almost another mini operating system that does things that should be hardware operations, or things that are only for the benefit of corporations and not the users. So you now have an onion of complicated software levels, each one a security risk: microprocessor, disk firmware, BIOS, drivers, and all that replicated in smartphones and IoT appliances, the last ones with low-quality software and security... So yeah, welcome to the hackersland dystopia, where if you are not a programmer yourself, good luck dealing with the paranoia.
It's not almost another OS, it is another OS, and most modern computers have so many of them it's just one big kludge. The way to escape the dystopia is to build your own HW and OS, I guess.
The main problem is the hardware itself is becoming much more complex. At this point some of it is just too much for the OS and main CPU to handle alone. SSDs, for example, have their own CPU and RAM; without this the OS and main CPU would waste their time maintaining them.
"Why you want more complicated software layers between the hardware and the Operating System? " Because of the decades of legacy the standard PC has to abide by and the Operating System REQUIRING THEM to function, even though we modernized the hardware we still need to emulate the ancient PIC and PIT chips in the IBM PC, the ISA bus and even the Intel's MP standard despite the processors themselves no longer abiding to that and dumping the responsibility on the firmware to configure the processors to emulate that, and of course let's not forget the abominations Intel created like SMM(why the fuck a computer needs to run its firmware completely transparent from the running OS) and ACPI(why didn't device trees suffice, every other ISA works fine with them but for some reason PCs not cuz we're special for some reason). UEFI was supposed to fix some of the issues but of course in true Intel fashion made every single problem the BIOS had worse.
You could do exactly the same with BIOS, and most probably you can do it with coreboot or libreboot if you don't build your own image and flash a manufacturer-made infected one. Has everyone already forgotten the Computrace BIOS trojan installed in every Dell and IBM computer from the 2000s? It could do COMPLETELY fine all that this shiny new UEFI trojan can, all the way from WinXP to Win7. So UEFI isn't the problem. The problem is MANUFACTURERS DON'T GIVE US THE ABILITY TO SIGN OUR OWN MOTHERBOARD with OUR OWN keys. Secure Boot (or TEE/verity on coreboot, libreboot and U-Boot) signed with our own crypto locks and keys would be secure even against 3letters... And that's why they don't want to.
Since it connects to the internet, everything running under it is theoretically compromised. It could just receive new instructions on how to compromise a new system, given that the attacker spends enough effort to do so. This would probably be unlikely without something to make the effort seem viable, such as many victims seemingly using the same kernel build. But to actually give an answer, probably initially either nothing (if it checks what's there before overwriting), or corrupting some memory (if it doesn't). If you know what it does you could mitigate this corruption by relocating or rewriting the affected parts of the boot process, if any. It can never be managed from the system's point of view, unless it (the firmware) has a serious vulnerability, but boy, wouldn't that be funny.
@@Interpause The way I see it, it's the hypervisor and anything that boots on the machine is merely its "guest OS". It could utilize all the privileges that come with that, like pausing guest execution and reading and altering any memory. (While being able to receive any such instructions through the internet.)
What about this, in order to protect the motherboard against such attacks: the motherboard has a dedicated chip that verifies the current firmware. It checks that the firmware has a valid signature from the motherboard manufacturer (e.g. ASUS). That chip is independent from the rest (cannot be updated through firmware) and the public key it uses to validate the signature can only be updated at the factory (not by software). If the chip detects improper firmware (because the signature is not valid) the system won't boot. The only way to fix it is to install a proper firmware (e.g. boot the system with a USB key and a valid firmware on it). Someone will probably say that it can be defeated (e.g. replace the chip with another one, similar to console mods) but that will make deployment of such attacks much more difficult than a simple software update.
Good summary. A few attack vectors are not considered, that could be even worse (if it isn't already). - If the OS is pre-installed (as for the assumption that it comes from a PC assembly company), the payload could already be present, and thus could interrupt the BIOS flasher and insert its own EFI backdoor into the new firmware during patching or even after patching. - If you connect the PC to the internet to download the BIOS update, it will have the chance to download its payload. - If the BIOS is updated, but you keep the Windows installation, it still has the payload, probably in ring 0, so it is still there and could do whatever (update payload, patch the current BIOS, etc.) (edit) - As mentioned by @unforseen consequencer, the kernel or UEFI part could just report a successful flash and not do anything (maybe just patch the shown version number). If you're lucky you could maybe detect this if a new visible feature in the BIOS is not present, but otherwise not. So the only surefire way to protect yourself would be either to - rip out the EEPROM chip (which used to be possible, but probably not anymore) and flash it using an EEPROM flasher, then boot and nuke the hard drive. - Disconnect the machine from the network, update EFI using a flash drive, reinstall Windows/whatever using a CD/flash drive, update EFI again with a newly downloaded copy of the BIOS on the flash drive, and reinstall Windows/whatever again 😅
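A small model of the verifier chip proposed two comments up, which also covers the "flasher just reports success" vector raised in the comment just above: the checker holds only a factory-fixed public key, refuses to boot anything not signed by it, and judges an update by what is physically read back from flash rather than by the updater's status. This is an added illustration in Go, not code from ASUS or from either commenter; the key pairs and firmware bytes are constructed here.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// VerifierChip is the independent checker. It deliberately has no method to
// change FactoryPubKey: software running on the board cannot re-key it.
type VerifierChip struct {
	FactoryPubKey ed25519.PublicKey
}

// SignedFirmware is what ends up in the SPI flash: the image plus a detached
// Ed25519 signature over the image's SHA-256 digest.
type SignedFirmware struct {
	Image     []byte
	Signature []byte
}

// SignFirmware is the manufacturer's release step; the private key never
// leaves the factory.
func SignFirmware(priv ed25519.PrivateKey, image []byte) SignedFirmware {
	digest := sha256.Sum256(image)
	return SignedFirmware{
		Image:     append([]byte(nil), image...),
		Signature: ed25519.Sign(priv, digest[:]),
	}
}

// Verify is what the chip does on every power-on before the CPU runs firmware.
func (c VerifierChip) Verify(fw SignedFirmware) bool {
	digest := sha256.Sum256(fw.Image)
	return ed25519.Verify(c.FactoryPubKey, digest[:], fw.Signature)
}

// BootDecision: valid signature -> boot; anything else -> halt until a valid
// image is written from trusted media, as the proposal describes.
func BootDecision(c VerifierChip, flash SignedFirmware) string {
	if c.Verify(flash) {
		return "boot"
	}
	return "halt: firmware signature invalid, reflash from trusted media"
}

// FlashMatchesUpdate trusts the read-back flash contents, not the updater's
// "success" message: a fake update leaves the old image in place.
func FlashMatchesUpdate(readBack, updateImage []byte) bool {
	a := sha256.Sum256(readBack)
	b := sha256.Sum256(updateImage)
	return bytes.Equal(a[:], b[:])
}

// RunScenario exercises the model with constructed data and returns outcomes.
func RunScenario() map[string]bool {
	pub, priv, err := ed25519.GenerateKey(nil) // constructed factory key pair
	if err != nil {
		panic(err)
	}
	chip := VerifierChip{FactoryPubKey: pub}

	image := []byte("constructed firmware image v1") // constructed, not a real image
	genuine := SignFirmware(priv, image)

	// Supply-chain tamper: one byte of the image patched after signing.
	tampered := SignedFirmware{
		Image:     append([]byte(nil), genuine.Image...),
		Signature: genuine.Signature,
	}
	tampered.Image[0] ^= 0x01

	// The tamperer re-signs with their own key; the chip's key is fixed, so it fails.
	_, attackerPriv, _ := ed25519.GenerateKey(nil)
	resigned := SignFirmware(attackerPriv, tampered.Image)

	return map[string]bool{
		"genuine_boots":        BootDecision(chip, genuine) == "boot",
		"tampered_boots":       BootDecision(chip, tampered) == "boot",
		"resigned_boots":       BootDecision(chip, resigned) == "boot",
		"fake_update_detected": !FlashMatchesUpdate(tampered.Image, image),
	}
}

func main() {
	for k, v := range RunScenario() {
		fmt.Printf("%-22s %v\n", k, v)
	}
}
```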
Had something running under a similar methodology on a P55 board years ago; I presume I could have fixed it with a good replacement BIOS chip. This modification was deployed remotely as a chained privilege escalation attack that started inside a fully patched OS from a remote source; almost 100% sure there was no physical access. I found various fragments in the registry referencing Sentinel which appeared to be part of the entire kit (post-compromise 'installation'); reflashing the BIOS could not / did not fix it. Multiple OS and HDD changes were unsuccessful; it didn't matter if it was Windows or Linux or hypervisors running whatever. The compromise was pretty obvious to me at least; I could see it doing things I had not requested, including copying data / attempting to recover data. When someone with excessive capability wants to own you hard enough, they always find a way. I was a fool, and although I had my FW locked down I bypassed it intentionally; after all, what's the worst someone could do? Probably just sped things up rather than made the difference between safety or not. Note this scared the shit out of me; I have a feeling that was partially the intention. I got rid of ALL of that hardware and tried to lead a more blameless, less questioning life. The worst part was checking my logging and doing the lookups to ascertain the source. At first I thought the logging of it all in debug mode and seeing all of these things had great value to me, and somehow thought I was clever to have been running in debug mode in the first place and had all the detail on what had occurred. Later I began to feel uncomfortable with the possession of the information that listed line by line what had occurred in the logs, esp.
once the 'from whom' in the reverse lookups became apparent. This was around the time when the post-LulzSec / Anon et al. hacker 'threat' was escalating to high levels of political posturing and essentially threats were being thrown around with regards to physical responses to cyber. 1/10, would not recommend this experience.
Michael Bazzell just released an episode (number 272) about this for his podcast with a guest who works in the firmware security space/industry - worth checking out
Dear Mental Outlaw, I have a video suggestion: I would be interested in a video about Discord and alternatives (I heard about Matrix being an option) and what voice/video chat program is best for general use. I use GNU/Linux but I never liked using Discord as it uses electron & screen capture on wayland as well as recording desktop audio don't work right for me. Also, thank you for putting in such effort into your videos, keep it up!
I would also like a video about Discord Alternatives, especially for more privacy. Discord stores all your Chats unencrypted, readable by any workers there all the time. (I've also heard, that they are able to record and log Voice Chat -Conversations, but I'm not sure about that one). Also deleting your Discord Account will not delete your Chat Messages.
2:50 UEFI can be programmed to do anything (just search for the UEFI spec..). For example, if the file system is not encrypted, UEFI malware could definitely read your passwords (easily).
Been affected by this, left a long comment explaining my experience. Thanks for removing it, I'll make sure to never interact with one of these videos again or share any insight at all. Douche
This is slightly incorrect, KPP or patch guard hashes the changes when patch guard is initialized. This malware does not need to attack patch guard directly, because it doesn't need to as the malware patches the kernel before anything is hashed, and the entry point is even called.
Modern ASUS motherboards come with malware by default. It's called Armoury Crate, and defaults to enabled, and automatically installs when you boot into Windows. I'd love for them to be hit with a class action for this.
@@laifyalif Yeah, it's not _literally_ malware, but it's completely unwanted software that automatically installs without your consent. Very few people actually use it and I just see it running in Task Manager when I work on some PCs.
Who here remembers when PC games were bought in CD form? I remember owning this one game on CD and kept getting a virus and could not figure it out at first. In the end it turned out the virus was on the CD itself.
This kind of thing can likely affect firmware on daughterboards too, if there's insufficient security involved in flashing them. (If malware can identify things like specific network, audio, or graphics cards, etc., it's a potential vulnerability if those too are targeted.) To be honest, there should be some kind of manual interface that has to be set (such as a physical switch or jumper) before enabling the ability to put flashed updates onto hardware. (Doesn't solve the issue of hardware coming from the factory with a problem, but could prevent any drive-by type malware attacks that could piggy-back on some other things like software installers.) Memory and such is tight and limited, and it likely needs hooks into OS specific functions or libraries to be really compact, but some chips used for that kind of thing may have a surplus memory and other quirks and that would allow for an opening for possible exploits.
Not necessarily true. It could've been developed much later for these older motherboards, for example because the developers would have already had access to such boards, they were widespread in the area they were primarily targeting, or they were just easy to modify and mess with the firmware on. It *could* also have been around for way longer and just have been discovered recently, but we don't know for sure.
8:22 "a company assembling pc's" .... :| There's no doubt in my mind you know you picked the most horrible example of that. I sometimes still re-watch that guy flunking the build, for the lols and the cringe.
I know UEFI is supposed to have unique keys for each section of the UEFI. For example: this is how LoJack could not be removed from laptops that were stolen. But the key was stolen and used to install malware. To be honest there needs to be 3 factor authentication. 1 by user, 1 by key, and 1 by checksum verification. Basically if the last checksum which is unique to every code section does not match, it is rejected. Why the first and third are not implemented is beyond me. The third checksum alg is hard coded into non rewritable firmware for each model motherboard. Mfg lab firmware in raw state goes into an air gapped encoder which tags the checksum on the end. Transfer is done via tape. (No chance of stuxnet corruption with non USB or autorun.inf)
In a very different way, but something I suppose I'd classify as a virus would be Asus SonicStudio. That stuff is almost impossible to remove from your computer and it is absolutely abhorrent.
9:54 - Hmm, if UEFI is compromised -- couldn't the new flashed firmware become compromised when a BIOS flash is attempted? Couldn't the flash program be "updated" with compromised code to inject a similar rootkit?
Yes, correct! About two years ago we had a customer where the whole network was infected by a crypto trojan (probably Locky) via an e-mail. The trojan managed to get into everything: PCs, servers, printers, ... When we restored an offsite backup (that's a backup which is not connected to the server / network) from several days ago, the malware was back on the first boot. Even though we knew that the backup hadn't been connected for several days before the e-mail came in, we tried a clean install from DVD onto new SSDs. Same story: after the first boot Windows Defender instantly started to detect malicious files. So the only possible explanation was that the trojan was in the BIOS/UEFI or in the integrated remote management module of the server, or in both. We then tried to reset the management module from the BIOS and flashed the BIOS from within the BIOS itself, because we suspected exactly the problem you mentioned above would happen if we flashed it from Windows. But after low-level formatting the disks and reinstalling Windows from DVD again, after the first boot Windows Defender instantly started to detect malicious files, again... Luckily the server has two of those management modules, the main one and a backup one which can be switched by a jumper on the MB. That was our last hope, as we were already two days in without even getting the server up and running again, so the next step would have been a new server (two days down is a lot of money, even for a smaller company). So we tried our luck, turned off the server (the management module still runs, it's always on as long as there's power to the server), unplugged it, switched the jumper and plugged it back in. Then we had to make sure to NOT start the server, so the BIOS doesn't initialize and maybe compromise the backup management module as well. Then from the backup management module we were able to flash the whole BIOS/UEFI (not only the updated areas) and the main management module.
After that the trojan/rootkit/malware was finally gone, so we could proceed. Well, this got quite long, took me almost 15 min typing this, but maybe it's interesting for someone ;)
What interests me is what the motivation and target were for this. This takes a lot of work and risk, so I assume the saboteur probably knew the person or company who would be using the device and that they had some data worth taking or spying on. Unless it was just a proof of concept test of some sort. But to find out who did this, I would start with looking at who knew who the end users are and wanted something from them, while also being in a position to do the work on the hardware. This should narrow it down a lot.
Interestingly enough, you just taught me that "evil maid" is apparently my favorite way of hacking. It's really the most viable and reliable hacking technique I employ. In my mind, it would be a good idea to have some or all of these gadgets as well: * paperclip to access sim/sd trays on phones * sata->usb and NVMe->USB adapters (to inspect targets storage and look at their files) * poisontap (RPi zero w 2 in gadget mode, effectively serving as a wifi->usb dongle) * usb on the go adapters, such as usb-c->usb3.0 and vice versa * usb sd card reader * usb flash drives with various live OSes, such as: * 1) Ventoy * 2) DietPi * 3) Win 10 IoT core * 4) daily driver os/general purpose os/just ubuntu or Manjaro Finally, I always, ALWAYS, have my PC not far away for backup. And by PC, I mean: phone/laptop/macbook-air/tablet/any device that can like download files or format drives.
me when I buy a malwareboard
@Tinder in real life 🅥 said fuck it and clicked on the link, was not disappointed
@@zander07 botnet'd
@@Seeks__ oof
@@mr.serious707 very important to stay warm in these times
@@mr.serious707 🤣🤣
3:16 To terminate the UEFI services, the bootloader/kernel calls ExitBootServices, which is helpfully provided by the UEFI firmware itself - so the kernel cannot in fact shut down a malicious UEFI implementation, it can just ask it nicely to shut itself down
But then the UEFI says no
But then the UEFI pretends to shut down while residing in memory
@@amogus7 not how it works
@@amogus7 it would just use the reserved chips for it instead of the system-wide ram
@@pacomatic9833 Then the OS DMA writes over the interrupt handler to unhook it.
If this UEFI malware is really sophisticated, I imagine it’s theoretically possible it could reinsert itself into the image when you update, or just fake the update. Now that would be neat / horrifying.
Well if that happens, then it goes to the computer junk.
@@SaitoShepherd Not really, there are hw programmers for BIOSes, they are like $20. You can also swap the BIOS chip (in the last decade it was easy, nowadays they are soldered iirc)
@@SviatoslavDamaschin BIOS chips aren't BGA though, so while they still take some soldering skill, it's nothing close to the level necessary to solder BGA components.
Thanks mate. We worked really hard to make it happen.
Well, if you update with a non wr-cd or dvd, then it can't do shit
Man, Welcome back to the 90s... When we had viruses like Anti-CMOS-A that would infect your BIOS.
Also the CIH.exe virus that deleted your BIOS and bricked your board.
The fashion always keeps returning after two or three decades ;- )
Or the CIH virus for example.
Edit: Just now noticed someone else already mentioned it, that's my bad for not checking first lmao
@Ops Blac Money and enterprise level data.
@@mayravixx25 🤓🤓🤓🤓
Windows: _We're gonna improve security by throwing a ton of weird stuff into microchips!_
*Microchip security gets bypassed anyway.*
Lol
"a to of"
See where your shitty outsourcing got you M$! Maybe next time try actually fixing the fucking problem.
*a to of*
"never trust the maid" _shows image of astolfo in maid outfit_
A couple months ago, I ordered an Asus board from Newegg and I didn't notice it wasn't shipped by Newegg until right after I bought it. It arrived in a white box. I emailed the seller to inform them that I ordered a new motherboard, but they sent me a used one that wasn't even the correct model (didn't have WiFi). The seller told me that it was okay because I could trust their quality and they made sure to test it and they would also send me cash in the mail. They also told me not to send it back as the item wasn't eligible for a refund and they would charge me $25 if I sent it back. After over a month of going back and forth with Newegg, I managed to get a refund. I wonder if they were sending me an infected board?
I wonder yes because they had no reason to pull out the wifi module . Or it can be a stock issue
@@Clone_osu1 didn't have wifi = uefi malware
@@balllord3546 That's a minor detail which serves as a quick explanation for why the shipped motherboard was not useful to OP
OP, do you still have the MB?
After the Gamers Nexus fiasco, the only thing I use NE for is checking HW to buy elsewhere. (NE even gives me a hard time over my vpn.) And with Amazon being goofy with their delivery times (at least here), I just get what I can from microcenter.
9:16 And this is why I'm glad you informed everyone about the Intel Management Engine and the AMD Platform Security Processor, Windows 11 requiring a TPM (and generally being Spyware already) as those two things alone have already reduced our trust in the hardware our computer has, and the software they (either the government or the tech companies) want us to use. You are performing a wonderful public service by informing the public, thank you.
Dear Mental Outlaw,
The scariest thing about this - when you described how it must be a man-in-the-middle attack performed after the manufacturing and before the end user receives it,
The scary part is if any of the alphabet boys were suspicious of someone and wanted to get easy info on them, they could see that they're trying to order a motherboard or other computer part and legally intercept it before shipping in order to install infected firmware. This is a terrifying idea that renders online purchases insecure unlike in a store where the motherboards are already there.
It's not a stretch to imagine that some Asian country like the PRC created and/or installed this malware with or without ASUS's knowledge. (as you said this mainly occurred in Asia)
Online shipping is safe, no one can open the package before it reaches the user or the company would lose reputation. More likely someone must have had to break into the storage room and manually insert the malware into the PC if the product has a waiting time before delivery like days or weeks; a company would have the worst security to let someone do that regardless of waiting time. They can't steal the package when it's being sent to the client as any delay is noticeable, and they can't possibly be employees of the same company doing it.
It must be a shady criminal business doing it.
@@RoastCDuck Google and Twitter and Facebook collaborate with the feds all the time. Why wouldn't Amazon or UPS?
This is why when embassies, etc, want to buy hardware (or printer cartridges for example) they send someone to a physical store some distance away to pick one off the shelf at random.
@@RoastCDuck wrong. You're either hopelessly naive or compromised or a b0t.
Alphabet boys and their "legal methods"😭
PSA: In some brands of Notebooks you can NOT reset the BIOS password by removing a battery or with a jumper.
The password is stored in an exclusive partition of the UEFI NAND/NOR chip itself, which is non-volatile memory. Updating/flashing the BIOS through normal means will not remove the password either, since the manufacturer makes it so that updating the firmware will only write over the UEFI partition, leaving a partition made exclusively to keep the password alone.
The only way to remove the password is by using an EEPROM programmer and having a backup of the whole UEFI chip content that doesn't have a password (some people know how to patch the ROM to remove the password, so you may not need the password-free backup).
A brand that I'm aware that is like this is LENOVO.
In short be sure to not forget your Notebook BIOS password and remember to remove it before selling it.
That sounds like such a pain in the ass
@@arandomguy4478 It is lol.
This actually explains why my BIOS settings weren't resetting when I removed the CMOS battery on my Ideapad
HP does this on some models as well
@@TheExileFox Hacking = flashing rom... no environmental trap
Thinking about it, computer distribution in general is in a very barbaric state. When you are buying a PC, you are literally buying a cat in a bag, no manufacturer seals, no holographic stamps from the factory. Security of the computer supply chain is very important, it needs to be treated like we do with alcohol or medicine - no tampering with from the factory conveyor belt, period. I live in Asia and I just recently bought an ASUS motherboard that falls directly under the criteria. The problem is - reflashing is done by the motherboard itself, where is the guarantee that the reflashing mechanism is also not compromised to reject/modify new flashes?
You can remove the UEFI chip itself, and use an external flasher to update the UEFI without even booting up the infected machine if you want to be sure that it's updating
That is, if you can get a 100% authentic UEFI FILE from ASUS themselves, since ASUS seems to like the idea of updating the UEFI from Windows, and not from the UEFI itself
Quick note: the difference between a UEFI updater and a UEFI file is that an updater has all the stuff to write the update to the chip from Windows, and the UEFI file is only the software on the chip itself
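The external-dump approach in the replies above, as an added example that is not from the video, from ASUS, or from the commenters: compare a chip image read with a programmer against the vendor's raw UEFI file block by block, and separate ranges the vendor image leaves erased (settings/NVRAM, the kind of region a stored password lives in) from ranges whose contents were actually changed. It assumes a 4 KiB sector size and uses constructed sample images, not a real firmware.

```python
"""Compare an externally dumped SPI flash image with a reference UEFI image.

Added example (not code from the video or from ASUS).  Assumptions: the
reference is a raw chip image, not the Windows updater executable; the
flash uses 4 KiB erase sectors; erased flash reads as 0xFF.
"""
import hashlib
from typing import List, Tuple

BLOCK = 4096  # assumed SPI flash erase-sector size; check the part's datasheet


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of an image, to record alongside a dump for later comparison."""
    return hashlib.sha256(data).hexdigest()


def differing_ranges(dump: bytes, reference: bytes, block: int = BLOCK) -> List[Tuple[int, int]]:
    """Byte ranges [start, end) where the dump differs from the reference.

    Adjacent differing sectors are merged into one range.  A size mismatch
    means the reference is not a raw image of this chip (for example it is
    the updater rather than the firmware file), so refuse to compare.
    """
    if len(dump) != len(reference):
        raise ValueError(
            f"size mismatch: dump is {len(dump)} bytes, reference is {len(reference)} bytes")
    ranges: List[Tuple[int, int]] = []
    for off in range(0, len(dump), block):
        end = min(off + block, len(dump))
        if dump[off:end] != reference[off:end]:
            if ranges and ranges[-1][1] == off:
                ranges[-1] = (ranges[-1][0], end)  # extend the previous range
            else:
                ranges.append((off, end))
    return ranges


def classify(dump: bytes, reference: bytes, block: int = BLOCK) -> List[Tuple[int, int, str]]:
    """Label each differing range.

    'unprogrammed-in-reference': the vendor image leaves this range erased
    (all 0xFF), so the chip holds data the update never writes, such as
    NVRAM variables or a stored setup password.  Expected, but worth a look.
    'modified': the reference carries code or data here and the chip
    disagrees.  That is the case that warrants an external reflash.
    """
    labelled: List[Tuple[int, int, str]] = []
    for start, end in differing_ranges(dump, reference, block):
        ref_slice = reference[start:end]
        erased = ref_slice == b"\xff" * len(ref_slice)
        labelled.append((start, end, "unprogrammed-in-reference" if erased else "modified"))
    return labelled


def sample_images() -> Tuple[bytes, bytes]:
    """Constructed 64 KiB images for demonstration only (not a real firmware)."""
    ref = bytearray(b"\x5a" * (16 * BLOCK))
    ref[12 * BLOCK:14 * BLOCK] = b"\xff" * (2 * BLOCK)  # vendor leaves two sectors erased
    dump = bytearray(ref)
    dump[3 * BLOCK + 10] ^= 0x01                         # two adjacent sectors patched
    dump[4 * BLOCK] ^= 0x01
    dump[9 * BLOCK + 100] ^= 0x01                        # one isolated sector patched
    dump[12 * BLOCK:12 * BLOCK + 8] = b"nvramvar"        # firmware wrote into an erased sector
    return bytes(dump), bytes(ref)


if __name__ == "__main__":
    dump, ref = sample_images()
    print("dump sha256:", sha256_hex(dump))
    for start, end, kind in classify(dump, ref):
        print(f"0x{start:08x}-0x{end:08x} {kind}")
```

With real images, read the chip twice and confirm both dumps hash identically before trusting either, then feed the dump and the vendor file to classify().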
If you think alcohol and medication distribution is tamper proof or even tamper evident then sweet sweet dreams to you
No, you get warranties and assurances, and if those fail, your item can be returned at little to no additional cost. If you buy a used board with an embedded virus, there's not too much you can do right now. Wait a few months and they will have a solution.
All computers have flaws regardless if they are tampered or not. Regulation leads to confiscation
@@Auditing102 Regulating sale/installation of BIOS chips doesn't hurt anyone. It ensures greater security coming and going from the factory. Regulation of booze led to confiscation 80 years ago and that's where that backwards statement comes from.
This potential type of problem was one reason for the Libreboot project and the use of the older IBM/Lenovo laptops as they represented one of the last environments with publicly available chipset descriptions etc. and the ability to have an open source bios. Of course as time passes these machines become less usable. We just don't know what we're buying nowadays.
Intel Management Engine is a suspect thing. Imagine a compromised version of that rolling out of the factory.
Framework also has public descriptions (and schematics!) but it's still Intel only
antirootkits doesnt help...
@@TheExileFox IME itself is one of the attack vectors in these persistent exploits, and had even been the cause of multiple UEFI/CPU level persistence incidents already by the time this video was posted.
Which old Lenovos? T420 for example or older?
"At that point, the mitigation's are pretty straight-forward." 💀
The ending of the video took a wild fkn turn
( ͡° ͜ʖ ͡°)
i literally can't
😭😆
ya this is a very informative video but did he really just make a joke likely about rape???
0:22 I could hear the painful resistance in his voice from saying “when the malware is sus”.
Great video, really made me think. I recently bought a used router. When I hooked it up to my laptop (offline!) I found that it had an unofficial firmware, remote login was enabled and it had a DynDNS configured 😟 The passwords and SSIDs matched the ones on the sticker so Average Joe would have no idea that the person who sold him the router could have full access to his LAN. I suspect this was done maliciously but have no proof. It's crazy how many ways there are to compromise people's security if they don't know what to look for!
Probably someone who needs a proxy to do dodgy stuff from.
Ah good, a reminder not to buy used routers or probably networking hardware in general, lord only knows I would not catch something like that until it was too late.
@@jannikheidemann3805 My thoughts exactly, I'd hate to know what they might have used my connection for.
@@plasmaoctopus1728 So long as you check things out and do a pinhole factory reset before going online it should be alright but I know what you mean. Use an amnesic OS when you first connect just in case there's malware that can spread via the network. Used stuff is more risky, for sure, but you should do this for new items too if possible. It only takes a few minutes. Remember, even big corporations like Sony install rootkits when they feel like it! 😬
The most elaborate set up to getting free wifi.
I wouldn’t be surprised a bit if we find out later there is already a back door in hardware from the manufacturer, and they’ll claim it’s for “National Security” and we’ll just say oh you silly geese that’s ok, lol.
Remember the supermicro scandal?
Ofc they do,how else do you think the FBI finds ppl?
I seem to remember a certain armband-wearing party justifying industrialised genocide using the "muh national securitah" excuse
mfw I order hardware from China so the chinese government has access to my data but the US government won't (as the Chinese would have incentive to block anybody else from accessing their juicy juicy data)
What the frack do you think windows 10/11 is? All it has become is one GIANT back door for big daddy government - and YEAH - the hardware manufacturers are ALSO IN ON IT!!!! (keep wondering why the older computers are becoming more and more coveted - created back before all this crap started to really go down). Edward Snowden wasn't just talking out of his butt. The US Gov hates him for a very good reason - he blew the whistle on their blatant privacy violations they take against us EVERY DANG SECOND!!!!!!!!! The same thing with all these smart phones people use. It's a microphone that reports right back to big daddy G along with GPS to track your every damn movement.
This is not what the original definition of the “Evil Maid Attack” was (as presented at DEFCON).
Instead it's about any sort of reliable access an attacker or agent of an attacker has to the physical premises, such as the groundskeeping or cleaning employees of a large company that has sensitive hardware.
MOST IMPORTANTLY the timeframe is completely different! The original concept is that the attack can be installed (especially for stuff like EMF Capturing or leaving malicious hardware) then removed at a later date, like a month later. This way the infiltration of the attack and exfiltration of stolen data/etc doesn’t have to go over the network at all!
IAmVerySmart
@@randomgaminginfullhd7347 ok.
@@randomgaminginfullhd7347 no, you're not.
Shhhh, let maid Astolfo put malware on your pc
Someone call Japan and tell them we need a romantic comedy anime about a tsundere maid who keeps trying to hack the protag's computer.
Oh boy, so many inaccuracies.
1. You're missing a few layers between ring 0 and UEFI. Namely system management mode is a particularly enticing place to keep your backdoor.
2. An extra chip on the MB is not really a viable backdoor as there is no good way for it to boss the CPU around. You'd have to modify RAM content to inject code, but x86 uses several levels of indirection to access RAM and those tables are hardly ever flushed from cache because they're being used *all* the time, so you won't find them in RAM and without them, you're looking at a random scrambling of 4k blocks of memory with no idea what's where.
A better example would be a backdoor baked into the CPU's silicon itself. I'm not aware of any in Intel or AMD CPUs, but there have been multiple documented cases with smaller manufacturers.
3. Almost all anti-malware solutions use kernel mode hooks. But also kinda not. When Microsoft introduced PatchGuard (which you mention in the video), they took that ability away. They provided kernel mode scanning APIs for anti-malware products to use instead, but they are limiting and introduce a single point of failure which _has_ been exploited. Now, AV companies _could_ disable PatchGuard, but we choose not to, because fighting a behemoth like Microsoft head-on is not fun.
4. What you're describing is a supply chain attack, not an evil maid attack. Perplexingly, you later describe an evil maid attack correctly, but don't realize it's completely different from what you talked about before.
5. I haven't seen a laptop with a CMOS battery or a clear CMOS jumper in probably two decades. Laptops use flash for storing BIOS/UEFI settings and have no direct way to reset them precisely because by their very nature they are more susceptible to physical tampering. To reset settings on a laptop, you have to hook up a flasher and erase the chip that way.
Thanks for the info. Can you say anything more about the CPU indirectly accessing RAM?
I of course know about multi level page tables but I was under the impression that when the CPU views "physical memory", the pages are contiguous in the same way they are on the actual physical hardware.
Damn how did you even get this knowledge? 15 years of experience in anti-virus software?
I think he just wanted to use the Evil maid attack in an example for a while now, it's more visually interesting than a supply chain attack :3
Though far less terrifying IRL tbh. That fucking hit on solarwinds caused my client a lot of fucking heartburn
Re. #2, why would a malicious chip be designed to need the CPU? China pulled it off on Cisco(?) network hardware in the last couple years. US intel also but on other hw, if I remember correctly. But those would only be examples of when it was both discovered and disclosed
He's showing a simplified version of access layers
I appreciate these security vids that have a healthy dose of dark/black comedy to them (the ending was priceless)
rape jokes aren’t funny and you’re really scary for thinking that they are. you calling this “dark humor” is literally the problem with actual dark humor. humor is supposed to be funny too, you can’t just be edgy. hope you’ve done some soul searching bro
@@slghtmediait's done in self defense dw
I'd watch a show about an 1337 haxxor disguised as Consuella.
At first I thought you said "evil made"...
Iirc.
There are retailers who can re seal factory sealed boxes, or at least claim they do. When I returned a 8350 (worse performance than my x6), I got an exemption on the restock fee, since they could seal it up themselves.
Got myself a 4770K that has been running at 4.3 GHz since that day (it was 1 or 2 months after its release).
Lmfao I can't believe you actually used Verge's build guide for that segment 🤣
i borderline believe that was intentional
Beyond setting a BIOS password, put your laptop in a lockbox with at least two types of locks. Place that inside a wooden puzzlebox. The evil maid can't just smash it to get at the lockbox, because that would be an obvious sign of tampering.
What if the wooden box comes with malware??
@ZaHandle wouldn't matter if she's a disciple of LPL's wife (joke based on the ice cream video)
Thank God I'm a BIOS updater. So many people in the tech space are like "NEVER UPDATE YOUR FIRMWARE REEE". I always update my BIOS/UEFI. On old computers that's easy, once and done. On my main desktop, I only do it every couple of months. But I do have an ASUS motherboard. Though if I remember right this was Intel only, right? And you said it was primarily in Asia, so I'm probably okay.
After a few years my motherboard doesn't get BIOS updates anymore.
@@PenguinCrayon269 I assume you're on Intel? AM4 has been getting updates for a long while to support all the CPUs.
In most cases You could also replace bricked firmware with ch341a without soldering
Theoretically at least, if your firmware is already compromised it could reinsert its malware into the update or just pretend to update.
@@t0asta especially if the firmware in question comes preinfected from the manufacturer himself.
They called it Evil Maid Attack when they could call it a Maid-in-the-middle attack. A huge missed opportunity here.
Some old Chromebooks have a screw shorting the WP# pin of the BIOS chip to ground. The chip is forced in read-only mode until you remove the screw. Solves the problem and is easy enough to undo.
ME/PSP and CPU microcode run at a lower level than "hardware/firmware". In fact, higher levels cannot detect their activity.
@@doyouwantsli9680 But that's read-only, right?
@@GhostSamaritan Not sure what you mean. It can read and write to anything in your system, it even runs a full OS.
If you meant that the microcode and intel ME itself is read only, as in "can't be updated", that's also incorrect. It can be written to.
Just when you thought malware couldn't be worse, it is found on motherboards. It wouldn't be a big deal if you could just flash a clean firmware to the board but you need to know for sure which ones are clean.
I don't even trust those firmware updates from Windows, but I don't mind but proceed anyway.
Ultimately, the best defense is you don't cling your PC with anything of value, and you are ready to ditch internet if need be.
I got a standby motherboard in any case... ... and got it from another source. Hee hee hee... ...
Also, the system linking to sensitive operations is totally secured, and not even in my home. It cannot be infected with motherboard malware, and has 3 layers of security so that any compromise will be easily detected and removed and the system re-corrects itself, because there is a burnt-in physical chip with a burnt-in program that cannot be altered by any programming at the final layer. Any attempt triggers an alert and the system realigns itself, keeping everything safe, and work resumes.
Super max security. Too bad I don't know the technology behind. But alien technology to most... ...
love my pre rooted motherboard! =DDD
@Breakfast nice pfp from a good game unfortunately that comment was not based
I love how this went from a very dangerous malware that's next to impossible to get rid of to hotel maids completely deconstructing my computer so they can put malware on it
Oh shit! Unfortunately, my motherboard is infected with a rootkit! Looks like I'm going to have to suffer with it!
this seems like a HUGE lawsuit waiting to happen. imagine shipping a motherboard with a virus on it.
“When your legally purchased a music disc has a virus”
When your a grammar has a virus
Looking at sony drm
@Breakfast That whole thread is hilarious, idk which of the responses is best lol.
Pov: drm
"It's a Sony" was a warning.
1:19 Image says less than Ring 0, which would be Ring -1 and Ring -2.
Video says Ring 0.
SMM is said to be running in Ring -2,
and that's set up as part of the firmware.
Although in my opinion, there really isn't much sense in splitting that.
And protection wise, you can usually infect Ring -1 and Ring -2 from Ring 0, which should make clear, that there really isn't any special protection going on here.
It's just that Ring -1 and Ring -2 are running transparently for the rest of the firmware, so anything there can be hidden away completely from the OS Kernel that's running in Ring 0.
Intel ME would also likely be considered a lower ring than Ring 0, considering it's running before any OS.
It's funny because any of my friends when they buy second hand phones don't factory reset them. They think that it's a great idea to accumulate the residues of the last owner.
That is such a horrible idea
Buying second hand is actually great because it has an aged IMEI, so while your IMSI will change it's not a brand new phone so I think that grants at least a little bit more anonymity for your device. Especially if you register the new prepaid plan in the name of the previous device's owner lol
@@WitchMedusa thats called fraud
@@killertigergaming6762 Don't act like you know what you're talking about when you don't. Courts around the western world have upheld the legality of using alias information.
You don't even know the definition of fraud because no one is being defrauded here, you are registering for service with an alias name matching the previous owner & are paying for said service with your own money. Please explain what party in this transaction is exactly being defrauded & how?
@@WitchMedusa like when you hear about career criminals in court with aka said 5x during saying their name
Stuff like this is why I buy motherboards with socketed ROM chips, so I can dump them in my programmer in the event of _any_ issues. It's... difficult at times, since there are cycles where no manufacturers make any, and I have to wait a bit, but it's saved my bacon more times than I care to name. This just adds another bullet point to the list of reasons why.
I'm a noob but how can you check it's socketed before purchase?
Clicked for astolfo stayed for cybersecurity
A better solution for that would be something some motherboards did in the past: put the BIOS firmware in a socketed chip. That way, if the thing gets corrupted, you take that chip out and either reflash it or replace it.
I love the way you entice your viewers with funni maemaez to deliver raw information into their veins
"Reflash your board with a known working firmware version" wouldn't work on boards with firmware downgrade protection via eFuses on the chipset, and actually downgrading would brick your board. Just like on Samsung phones, if the malware knows how to toggle the board eFuses, it would instruct them to make it appear as if a legit update has occurred, and up the eFuse array counter. Now your board is locked to the malware-modified BIOS binary... And eFuses are a one-way road, they can't be reverted.
Flashing the BIOS doesn't work for competently written SMM and lower attacks. There's persistent flash RAM that isn't overwritten and can be used as a scratch pad. This was used in the wild a little over 5 years ago to gain persistence in AMZN cloud hardware... it was easy to replicate in the lab if you didn't mind risking a few bricked motherboards or processors. But it was difficult to red team. They only got caught because they were sloppy and used the RAM scratch pad as storage for other malware they were developing. Needless to say, the attack and vulnerability were not disclosed, however you could find guides and use them to test the attack on a few security forums that were purged... some of the breadcrumbs for this attack likely still exist. This is a more sophisticated version of the technique in the video but doesn't require physical access... you can do it following a successful privilege escalation attack from user space on an instance you rent, then use the backplane to migrate through the data center. The escalation and attack just require you to run an infected binary that is successful 10% of the time and crashes the server about 60% of the time. This is one of the advanced persistent threats that's basically a zero day since it doesn't require the attacker to gain authorization... after all, it's their instance... repeat this a few times and you're guaranteed persistence in a lot of data centers. Needless to say the story was buried, given AMZN's business relationship with the alphabet Boyz.
This guy knows.
He is the real deal
When the company's name is Aඞ
"Evil Maid" *Uses image of Mysterious Maid*
This guy gets it.
11:44 The last part is literally a TRAP.
I hate when that happens!
I think that PC assembly companies can be ruled out as suspects, since here in Russia (and most of Asia) few people use the services of such companies, as it is too expensive
You can also rule them out because I said.
You can always take in your shirt Russian government, Russia should perish.
If you buy chips in bulk, the manufacturer can ship your chip with your code on it. Thus saving your factory time flashing it.
Makes sense if your code never changes (ie bios). I suspect it's in that process, as no one is going to diff the hex
It seems the issue is not very widespread, so OEM/SI involvement is not completely off the table
That's why I never liked UEFI in the first place. Why would you want more complicated software layers between the hardware and the Operating System? Firmware used to be small, simple and with essential configurations in the needed cases. Now it's almost another mini operating system that does things that should be hardware operations, or things that are only for the benefit of corporations and not the users. So, you now have an onion of complicated software levels, each one a security risk. Microprocessor, disk firmware, BIOS, drivers, and all that replicated in smartphones and IoT appliances, the last ones with low-quality software and security... So yeah, welcome to hackersland dystopia, where if you are not a programmer yourself, good luck dealing with the paranoia.
it's not almost another OS, it is another OS and most modern computers have so many of them it's just one big kludge
the way to escape dystopia is to build your own hw and os, i guess
The main problem is the hardware itself is becoming much more complex. At this point some of it is just too much for the OS and main CPU to handle alone. SSDs for example have their own CPU and RAM; without this the OS and main CPU would waste their time maintaining them.
"Why would you want more complicated software layers between the hardware and the Operating System?" Because of the decades of legacy the standard PC has to abide by and the Operating System REQUIRING THEM to function. Even though we modernized the hardware we still need to emulate the ancient PIC and PIT chips in the IBM PC, the ISA bus and even Intel's MP standard, despite the processors themselves no longer abiding by that and dumping the responsibility on the firmware to configure the processors to emulate it. And of course let's not forget the abominations Intel created like SMM (why the fuck does a computer need to run its firmware completely transparent to the running OS) and ACPI (why didn't device trees suffice? every other ISA works fine with them, but for some reason PCs don't, cuz we're special for some reason).
UEFI was supposed to fix some of the issues but of course in true Intel fashion made every single problem the BIOS had worse.
Anything that connects to the internet usually is not private. Windows 10 makes you sign an agreement that says no privacy if using their services.
You could do exactly the same with BIOS, and most probably you can do it with coreboot or libreboot if you don't build your own image and flash a manufacturer-made infected one. Has everyone already forgotten the Computrace BIOS trojan installed in every Dell and IBM computer from the 2000s? It could do COMPLETELY fine all that this shiny new UEFI trojan can, all the way from WinXP to Win7.
Then UEFI isn't the problem. The problem is MANUFACTURERS DON'T GIVE US THE ABILITY TO SIGN OUR OWN MOTHERBOARD with OUR OWN keys. Secure Boot (or TEE/verity on coreboot, libreboot and u-boot) signed with our own crypto locks and keys would be secure even against 3-letters... And that's why they don't want to.
Now I wonder what this Cosmic Strand does when it expects a Windows, but gets Linux instead.
It recommends Arch to the user.
Jokes aside, I'd like to know that too
Since it connects to the internet, everything running under it is theoretically compromised. It could just receive new instructions on how to compromise a new system, given that the attacker spends enough effort to do so. This would probably be unlikely without something to make the effort seem viable, such as many victims seemingly using the same kernel build.
But to actually give an answer, probably initially either nothing (if it checks what's there before overwriting), or corrupting some memory (if it doesn't). If you know what it does you could mitigate this corruption by relocating or rewriting the affected parts of the boot process, if any.
It can never be managed from the system's point of view, unless it (the firmware) has a serious vulnerability, but boy, wouldn't that be funny.
@@lollllloro it would fail the initial intrusion into kernel space if it doesn't have a method designed for a Linux kernel
@@Interpause The way I see it, it's the hypervisor and anything that boots on the machine is merely its "guest OS". It could utilize all the privileges that come with that, like pausing guest execution and reading and altering any memory. (While being able to receive any such instructions through the internet.)
I'm starting to think I need to put together my own motherboard. There are a number of open source designs, might be a fun project.
Have fun soldering. ^^
You need to go even further and build your own CPU from raw transistors. That's seriously the only way you can be sure it's safe.
@@renakunisaki what about building your own kernel?
honestly, people care so little about security these days.
What about this, in order to protect the motherboard against such attacks:
The motherboard has a dedicated chip that verifies the current firmware. It checks that the firmware has a valid signature from the motherboard manufacturer (e.g. ASUS).
That chip is independent from the rest (cannot be updated through firmware) and the public key it uses to validate the signature can only be updated at the factory (not by software). If the chip detects improper firmware (because the signature is not valid) the system won't boot. The only way to fix it is to install a proper firmware (e.g. boot the system with a USB key and a valid firmware on it).
Someone will probably say that it can be defeated (e.g. replace the chip by another one, similar to console mods) but that will make deployment of such attacks much more difficult than a simple software update.
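A software model of the verifier chip proposed in the comment above, as an added example (it is not code from the video, from the commenter, or from any real motherboard vendor): the root of trust holds only a fixed manufacturer public key, the flash image carries a detached signature made at the factory, and boot is refused whenever the signature fails. The key pair, the firmware bytes, the `RootOfTrust`, `SignFirmware`, `VerifyFirmware` and `ImplantPayload` names are all constructed for this example; Ed25519 from Go's standard library stands in for whatever scheme a real chip would use.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// FirmwareImage is a constructed stand-in for a flash image plus the
// detached signature the manufacturer appends at release time.
type FirmwareImage struct {
	Body      []byte // bytes that would be written to the SPI flash
	Signature []byte // Ed25519 signature over sha256(Body)
}

// RootOfTrust models the independent verifier chip from the comment: it holds
// only the manufacturer's public key, burned in at the factory, and nothing
// the host firmware or OS can rewrite.
type RootOfTrust struct {
	ManufacturerPub ed25519.PublicKey
}

// ErrBadSignature is returned when the chip refuses to release the CPU from reset.
var ErrBadSignature = errors.New("firmware signature invalid: refusing to boot")

// SignFirmware is what the manufacturer's release process would do with the
// private key (assumed, for the example, to never leave the factory).
func SignFirmware(priv ed25519.PrivateKey, body []byte) FirmwareImage {
	digest := sha256.Sum256(body)
	return FirmwareImage{Body: body, Signature: ed25519.Sign(priv, digest[:])}
}

// VerifyFirmware is the check the chip runs on every power-on before the
// main CPU executes a single byte of the image. nil means boot is allowed.
func (r RootOfTrust) VerifyFirmware(img FirmwareImage) error {
	digest := sha256.Sum256(img.Body)
	if !ed25519.Verify(r.ManufacturerPub, digest[:], img.Signature) {
		return ErrBadSignature
	}
	return nil
}

// ImplantPayload simulates a UEFI implant written from a compromised OS: it can
// patch bytes in the flash body, but it has no private key, so the old
// signature is all it can leave behind.
func ImplantPayload(img FirmwareImage, offset int, payload []byte) FirmwareImage {
	patched := append([]byte(nil), img.Body...)
	copy(patched[offset:], payload)
	return FirmwareImage{Body: patched, Signature: img.Signature}
}

func main() {
	// Constructed manufacturer key pair; the public half is what ships in the chip.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	chip := RootOfTrust{ManufacturerPub: pub}

	// Constructed firmware body standing in for a real UEFI image.
	genuine := SignFirmware(priv, []byte("CONSTRUCTED-UEFI-IMAGE v1.00 ... DXE drivers ..."))
	fmt.Println("genuine image:", chip.VerifyFirmware(genuine))

	// An implant patches the image in place; the factory signature no longer matches.
	tampered := ImplantPayload(genuine, 12, []byte("IMPLANT"))
	fmt.Println("tampered image:", chip.VerifyFirmware(tampered))

	// Re-signing with any key other than the factory key fails too.
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	fmt.Println("attacker-signed image:", chip.VerifyFirmware(SignFirmware(attackerPriv, tampered.Body)))
}
```

The model shows the property the comment is after: a patched image, or an image signed with anyone else's key, never boots, regardless of how the flash was written. What it does not cover is exactly the caveat raised in the last sentence: a swapped chip or a leaked factory key bypasses it, because the public key is the whole trust anchor.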
TPM.
I'm here for the maid girls and was completely disappointed.
Good summary. A few attack vectors are not considered, that could be even worse (if it isn't already).
- If the OS is pre-installed (as for the assumption that it comes from a PC assembly company), the payload could already be present, and thus could interrupt the BIOS flasher and insert its own EFI backdoor into the new firmware during patching or even after patching.
- If you connect the PC to the internet to download the BIOS update, it will have the chance to download its payload.
- If the BIOS is updated, but you keep the Windows installation, it still has the payload, probably in ring 0, so it is still there and could do whatever (update payload, patch the current BIOS, etc.)
(edit) - As mentioned by @unforseen consequencer, the kernel or UEFI part could just report a successful flash and not do anything (maybe just patch the shown version number). If you're lucky you could maybe detect this if a new visible feature in the BIOS is not present, but otherwise not.
So the only surefire way to protect yourself would be either to
- rip out the EEPROM chip (which used to be possible, but probably not anymore) and flash it using an EEPROM flasher, then boot and nuke the hard drive.
- Disconnect the machine from the network, update EFI using a flash drive, reinstall Windows/whatever using a CD/flash drive, update EFI again with a newly downloaded copy of the BIOS on the flash drive, and reinstall Windows/whatever again 😅
Or just use Linux.
Why update the BIOS and OS twice?
omg the Verge clip for PC builders was perfect man haha
Had something running under a similar methodology on a P55 board years ago; I presume I could have fixed it with a good replacement BIOS chip. This modification was deployed remotely as a chained privilege escalation attack that started inside a fully patched OS from a remote source; almost 100% sure there was no physical access.
I found various fragments in the registry referencing Sentinel which appeared to be part of the entire kit (post-compromise 'installation'); reflashing BIOS could not / did not fix it.
Multiple OS and HDD changes were unsuccessful; didn't matter if it was Windows or Linux or hypervisors running whatever.
The compromise was pretty obvious to me at least; I could see it doing things I had not requested occur, including copying data / attempting to recover data.
When someone with excessive capability wants to own you hard enough, they always find a way. I was a fool and although I had my FW locked down I bypassed it intentionally; after all, what's the worst someone could do? Probably just sped things up rather than made the difference between safety or not.
Note this scared the shit out of me; I have a feeling that was partially the intention. I got rid of ALL of that hardware and tried to lead a more blameless, less questioning life. The worst part was checking my logging and doing the lookups to ascertain the source.
At first I thought the logging of it all in debug mode and seeing all of these things had great value to me, and somehow thought I was clever to have been running in debug mode in the first place and had all the detail on what had occurred.
Later I began to feel uncomfortable with the possession of the information that listed line by line what had occurred in the logs, esp. once the 'from whom' in the reverse lookups became apparent. This was around the time when the post-LulzSec / Anon et al. hacker 'threat' was escalating to high levels of political posturing and essentially threats were being thrown around with regards to physical responses to cyber.
1/10 Would not recommend this experience.
Michael Bazzell just released an episode (number 272) about this for his podcast with a guest who works in the firmware security space/industry - worth checking out
this has legitimately been a phobia of mine for like a decade
I want that sus loading screen
0:20 When Asus forgot the first letter of the alphabet:
Dear Mental Outlaw, I have a video suggestion:
I would be interested in a video about Discord and alternatives (I heard about Matrix being an option) and what voice/video chat program is best for general use.
I use GNU/Linux but I never liked using Discord as it uses Electron, and screen capture on Wayland as well as recording desktop audio don't work right for me.
Also, thank you for putting in such effort into your videos, keep it up!
One pretty good one is Guilded. It functions more or less almost exactly like Discord, and it's run by people who don't totally suck donkey balls.
I would also like a video about Discord Alternatives, especially for more privacy.
Discord stores all your chats unencrypted, readable by any workers there all the time. (I've also heard that they are able to record and log voice chat conversations, but I'm not sure about that one.) Also, deleting your Discord account will not delete your chat messages.
@@howtomundane3109 ....holy shit, are you serious....?
@@TrouvatkiDePercusion I might not be 100% correct, but I am serious about it.
@@howtomundane3109 that is terrifying
never trust the maid (puts an image of HIM), pure comedy
2:50 UEFI can be programmed to do anything (just search for the UEFI spec..). For example, if the file system is not encrypted, UEFI malware could definitely read your passwords (easily).
I lost it at "at that point the mitigations are pretty obvious" plus the graphic you chose.
Been affected by this, left a long comment explaining my experience. Thanks for removing it, I'll make sure to never interact with one of these videos again or share any insight at all. Douche
This is slightly incorrect. KPP or PatchGuard hashes the changes when PatchGuard is initialized. This malware does not need to attack PatchGuard directly, because the malware patches the kernel before anything is hashed, and before the entry point is even called.
I can't read ASUS the same way after seeing that thumbnail
1:00 I mean, since they flash the malicious image onto the mobo, it pretty much is turning your BIOS chip into such a spying chip
You missed an opportunity to play a clip from the movie Hackers, where Penn says, "They're in the kernel!"
If the evil maid is that last one at the end then there will definitely be some "mitigation" 😏
Modern ASUS motherboards come with malware by default.
It's called Armoury Crate, and defaults to enabled, and automatically installs when you boot into Windows.
I'd love for them to be hit with a class action for this.
It's kinda useful actually, and I did not find any malware on it so, idk
@@laifyalif Yeah, it's not _literally_ malware, but it's completely unwanted software that automatically installs without your consent. Very few people actually use it and I just see it running in Task Manager when I work on some PCs.
I'm sticking to my 2006 machine.....for delicate things.
Back when malware / trojans weren't baked into motherboards and CPUs.
Windows 10 is the new malware
The thumbnail is a masterpiece
Who here remembers when PC games were bought in CD form? I remember owning this one game on CD and kept getting a virus; couldn't figure it out at first. In the end it turned out the virus was on the CD itself.
What is more dangerous? A compromised bios or astolfo?
Astolfo
Astolfo is very dangerous, a master of social engineering. Making all the men gay.
Ultimately we would need free firmware and secure boot starting from the CPU (on-silicon) boot ROM
This kind of thing can likely affect firmware on daughterboards too, if there's insufficient security involved in flashing them. (If malware can identify things like specific network, audio, or graphics cards, etc., it's a potential vulnerability if those too are targeted.) To be honest, there should be some kind of manual interface that has to be set (such as a physical switch or jumper) before enabling the ability to put flashed updates onto hardware. (Doesn't solve the issue of hardware coming from the factory with a problem, but could prevent any drive-by type malware attacks that could piggy-back on some other things like software installers.)
Memory and such is tight and limited, and it likely needs hooks into OS-specific functions or libraries to be really compact, but some chips used for that kind of thing may have surplus memory and other quirks, and that would allow an opening for possible exploits.
Ending this with a trap was hilarious.
🍻 saved me reading time.
thanks for the tldr
This is apparently only in Intel H81 chipsets, so it's been around since 2013.
Not necessarily true. It could've been developed much later for these older motherboards, for example because the developers would have already had access to such boards, they were widespread in the area they were primarily targeting, or they were just easy to modify and mess with the firmware on. It *could* also have been around for way longer and just have been discovered recently, but we don't know for sure.
"He's in the walls, HE'S IN THE GODDAMN WALLS"
11:39 lmao, straightforward mitigations ( ͡° ͜ʖ ͡°)
i just found this channel but i like it already
You had me when I saw Astolfo in the thumbnail
same lmfaoooo
Thanks for reminding me Asus is spelled with Sus I will now always call it ‘A-sus’
Astolfo loving man of culture I see.
Hey Kenny! Thanks for the content. Best cobber out there!
If you buy an "enterprise grade" laptop, the UEFI password usually cannot be reset at all without a special manufacturer key specific to your device.
you mean manufacturer keys that get leaked? this is not secure at all.
Gaining a persistent foothold in as many modern machines as possible is a botnet dream
oh god, that "the verge" clip 😂
When most things are manufactured in Asia anyways, I wouldn’t be surprised of endless possibilities in hardware supply chain attacks.
8:22 "a company assembling pc's" .... :|
There's no doubt in my mind you know you picked the most horrible example of that.
I sometimes still re-watch that guy flunking the build, for the lols and the cringe.
I know UEFI is supposed to have unique keys for each section of the UEFI. For example: this is how LoJack could not be removed from laptops that were stolen. But the key was stolen and used to install malware.
To be honest there needs to be 3-factor authentication: 1 by user, 1 by key, and 1 by checksum verification. Basically if the last checksum, which is unique to every code section, does not match, it is rejected. Why the first and third are not implemented is beyond me. The third checksum alg is hard coded into non-rewritable firmware for each model motherboard. Mfg lab firmware in raw state goes into an air-gapped encoder which tags the checksum on the end. Transfer is done via tape. (No chance of Stuxnet corruption with no USB or autorun.inf)
the true, burning question in everyone's minds:
can it compromise templeos?
serious video, serious video
last 5 seconds: RMWBY and a trap
In a very different way, but something I suppose I'd classify as a virus would be Asus SonicStudio.
That stuff is almost impossible to remove from your computer and it is absolutely abhorrent.
Agreed, same with most antivirus to be fair...
The name "asus" becomes accurate at this point
9:54 - Hmm, if UEFI is compromised, couldn't the newly flashed firmware become compromised when a BIOS flash is attempted? Couldn't the flash program be "updated" with compromised code to inject a similar rootkit?
Yes, correct!
About two years ago we had a customer where the whole network was infected by a crypto trojan (probably Locky) via an e-mail. The trojan managed to get into everything: PCs, servers, printers, ... When we restored an offsite backup (that's a backup which is not connected to the server / network) from several days ago, the malware was back on the first boot. Even though we knew that the backup hadn't been connected for several days before the e-mail came in, we tried a clean install from DVD onto new SSDs. Same story: after the first boot Windows Defender instantly started to detect malicious files. So the only possible explanation was that the trojan was in the BIOS/UEFI or in the integrated remote management module of the server, or in both.
We then tried to reset the management module from the BIOS and flashed the BIOS from within the BIOS itself, because we suspected exactly the problem you mentioned above would happen if we flashed it from Windows.
But after low-level formatting the disks and reinstalling Windows from DVD again, after the first boot Windows Defender instantly started to detect malicious files, again... Luckily the server has two of those management modules, the main one and a backup one, which can be switched by a jumper on the MB. That was our last hope, as we were already two days in without even getting the server up and running again, so the next step would have been a new server (two days down is a lot of money, even for a smaller company). So we tried our luck, turned off the server (the management module still runs; it's always on as long as there's power to the server), unplugged it, switched the jumper and plugged it back in. Then we had to make sure NOT to start the server, so the BIOS doesn't initialize and maybe compromise the backup management module as well. Then from the backup management module we were able to flash the whole BIOS/UEFI (not only the updated areas) and the main management module.
After that the trojan/rootkit/malware was finally gone, so we could proceed.
Well, this got quite long, took me almost 15 min typing this, but maybe it's interesting for someone ;)
@@luckylars32 I found it interesting. Thanks for explaining :) Is there any way to reflash a new management firmware while the BIOS isn't loaded?
What is interesting to me is what the motivation and target for this were. This takes a lot of work and risk, so I assume the saboteur probably knew the person or company who would be using the device and that they had some data worth taking or spying on. Unless it was just a proof-of-concept test of some sort. But to find out who did this, I would start with looking at who knew who the end users are and wanted something from them, while also being in a position to do the work on the hardware. This should narrow it down a lot.
"Never trust a maid."
That's why... You're maidenless.
*Put sunglasses on*
You should leave a hidden nanny cam behind that watches your stuff when you aren't there.
Interestingly enough, you just taught me that "evil maid" is apparently my favorite way of hacking.
It's really the most viable and reliable hacking technique I employ.
In my mind, it would be a good idea to have some or all of these gadgets as well:
* paperclip to access sim/sd trays on phones
* SATA->USB and NVMe->USB adapters (to inspect the target's storage and look at their files)
* PoisonTap (RPi Zero 2 W in gadget mode, effectively serving as a wifi->USB dongle)
* USB On-The-Go adapters, such as USB-C->USB 3.0 and vice versa
* USB SD card reader
* USB flash drives with various live OSes, such as:
* 1) Ventoy
* 2) DietPi
* 3) Win 10 IoT core
* 4) daily driver OS/general purpose OS/just Ubuntu or Manjaro
Finally, I always, ALWAYS, have my PC not far away for backup.
And by PC, I mean: phone/laptop/macbook-air/tablet/any device that can like download files or format drives.
Switchblade evil usb drive, anyone?
my favorite way of hacking is drone striking targets homes
So good. I will remember only the conclusion around maid counterattack