Malware Buried Deep Down the SPI Flash: Sednit's First UEFI Rootkit Found in the Wild

Conference: BlackHat EU 2018

The presentation discusses the threat of UEFI rootkits and the need for firmware to be built with security in mind.
  • UEFI rootkits are real-world threats used in cyber attacks
  • Firmware must be built with security in mind from the bottom up
  • There are tools available to assess and mitigate UEFI rootkit attacks
  • Reflashing UEFI firmware is the only remediation option
  • An anecdote is shared about the discovery of a UEFI rootkit in the LoJack campaign
The presentation shares the discovery of a UEFI rootkit in the LoJack campaign, which targeted military and diplomatic organizations in the Balkans and in Central and Eastern Europe. The attackers used a legitimate kernel driver to run a tool called RWEverything (Read & Write Everything), which allowed them to read and write the system's firmware. They also used a modified version of an executable that originally checked the integrity of the firmware, altered so that it instead patched the firmware automatically. This highlights the need for firmware to be built with security in mind and for organizations to be aware of the threat of UEFI rootkits.
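One way to perform the kind of assessment the talk points to, as an added example that is not part of the presentation: given a BIOS_CNTL register value (bit layout from Intel PCH datasheets; the register dump below is constructed), it reports whether the SPI flash lock bits would block an OS-level firmware write like the one used in the LoJack chain.

```python
#!/usr/bin/env python3
"""Assess SPI-flash write protection from a BIOS_CNTL register value.
Added example, not from the talk. Bit positions are from Intel PCH
datasheets; the sample register dump is constructed."""
from __future__ import annotations

BIOSWE = 1 << 0    # BIOS Write Enable: 1 = flash writable right now
BLE = 1 << 1       # BIOS Lock Enable: setting BIOSWE raises an SMI so firmware can veto it
SMM_BWP = 1 << 5   # SMM BIOS Write Protect: writes only honoured while in SMM


def assess_bios_cntl(value: int) -> tuple[str, list[str]]:
    """Classify a BIOS_CNTL value as 'open', 'partial' or 'protected'
    and list the reasons. 'open' means a ring-0 driver (as in the chain
    summarised above) could write the flash directly."""
    reasons = []
    if value & BIOSWE:
        reasons.append("BIOSWE=1: flash is currently writable from the OS")
    if not value & BLE:
        reasons.append("BLE=0: any ring-0 code can set BIOSWE at will")
    if not value & SMM_BWP:
        reasons.append("SMM_BWP=0: writes are not restricted to SMM")
    if value & BIOSWE or not value & BLE:
        return "open", reasons
    if not value & SMM_BWP:
        return "partial", reasons   # locked only by the SMI handler clearing BIOSWE
    return "protected", reasons


def parse_dump(text: str) -> int:
    """Extract BIOS_CNTL from a constructed 'NAME = 0xHH' register dump."""
    for line in text.splitlines():
        name, _, raw = line.partition("=")
        if name.strip() == "BIOS_CNTL":
            return int(raw.strip(), 16)
    raise ValueError("BIOS_CNTL not found in dump")


SAMPLE_DUMP = """\
HSFS = 0x8000
BIOS_CNTL = 0x02
"""

if __name__ == "__main__":
    verdict, why = assess_bios_cntl(parse_dump(SAMPLE_DUMP))
    print(verdict)
    for reason in why:
        print(" -", reason)
```

A real assessment reads the register from the platform with a dedicated firmware-security tool rather than from a text dump; the decision logic above is what such a tool applies to the value it reads.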


BIOS rootkits have been researched and discussed heavily in the past few years, but sparse evidence has been presented of real campaigns actively trying to compromise systems at this level. Our talk will reveal such a campaign successfully executed by the Sednit group. This APT group, also known as Fancy Bear, Sofacy and APT28, has been linked to numerous high-profile cyberattacks such as the 2016 Democratic National Committee email leak scandal.

Earlier this year, there was a public report stating that the infamous Sednit/Sofacy/APT28 APT group successfully trojanized a userland LoJack agent and used it against their targets. LoJack, an embedded anti-theft application, was scrutinized by security researchers in the past because of its unusual persistence method: a module preinstalled in many computers' UEFI/BIOS software. Over the years, several security risks have been found in this product, but no significant in-the-wild activity was ever reported until the discovery of the Sednit group leveraging some of the vulnerabilities affecting the userland agent. However, through our research, we now know that Sednit did not stop there: they also tried to install, and succeeded in installing, a custom UEFI module directly into a system's SPI flash memory.

In this talk, we will detail the full infection chain, showing how Sednit was able to install their custom UEFI module on key targets' computers. Additionally, we will provide an in-depth analysis of their UEFI module and the associated trojanized LoJack agent.