A new “TrickBoot” module scans for vulnerable firmware and has the ability to read, write and erase it on devices.
The TrickBot malware has morphed once again, this time implementing functionality designed to inspect the UEFI/BIOS firmware of targeted systems. It marks a serious resurgence following an October takedown of the malware’s infrastructure by Microsoft and others.
The Windows Unified Extensible Firmware Interface (UEFI) is a specification that governs the operation of low-level platform firmware, including the loading of the operating system itself. It can also be used when the OS is already up and running, for example in order to update the firmware. BIOS meanwhile is firmware used to perform hardware initialization during the booting process, and to provide runtime services for operating systems and programs.
According to collaborative research from Advanced Intelligence (AdvIntel) and Eclypsium, the additional TrickBot functionality, which they call “TrickBoot,” checks devices for known vulnerabilities that can allow attackers to read, write or erase the UEFI/BIOS firmware of a device.
This offers a number of advantages: Embedding malicious code in the booting mechanism ensures that it runs first, before any other functions. This “bootkit” functionality thus allows an attacker to control how the operating system is booted or even directly modify the OS to gain complete control over a system and subvert higher-layer security controls.
“This activity sets the stage for TrickBot operators to perform more active measures such as the installation of firmware implants and backdoors or the destruction (bricking) of a targeted device,” researchers explained, in a posting on Thursday, adding that such bricking is difficult to remedy. “It is quite possible that threat actors are already exploiting these vulnerabilities against high-value targets.”
UEFI-level implants also have an additional advantage in that they’re extremely stealthy.
“Since firmware is stored on the motherboard as opposed to the system drives, these threats can provide attackers with ongoing persistence even if a system is re-imaged or a hard drive is replaced,” researchers noted. “Similar UEFI-focused threats have gone years before they have been detected. Indeed, this is precisely their value to attackers.”
Bootkits: A Rare Functionality
The ability to write malicious code to the system firmware, ensuring that attacker code executes before the operating system while also hiding the code outside of the system drives, has only been seen actively happening in a limited fashion before, the researchers noted.
“These capabilities have been abused in the past as a way for attackers to maintain persistence in firmware, most notably by the LoJax malware and the Slingshot APT campaign,” they said. “However, TrickBot marks a significant expansion of these techniques in the wild.”
In October, a rare firmware bootkit was spotted being used to target diplomats and members of non-governmental organizations (NGOs) from Africa, Asia and Europe. It turned out to be part of a newly uncovered framework called MosaicRegressor.
“It took over five years for the industry to discover the use of Hacking Team’s VectorEDK UEFI implant code that was used in the wild as part of the MosaicRegressor campaign, despite the source code being readily available on Github and even documented in its use,” Eclypsium and AdvIntel researchers concluded. “Given how active, well-resourced and capable TrickBot authors are, we wanted to research, analyze, and expose whatever tooling they already have in place in order to allow organizations to prepare effective defenses more rapidly.”
TrickBot’s Evolution Continues
TrickBot is a well-known and sophisticated trojan first developed in 2016 as a banking malware – it has a history of transforming itself and adding new features to evade detection or advance its infection capabilities. In 2017 for instance it added functionality to exploit the EternalBlue and EternalRomance vulnerabilities. So, moving far beyond its banking roots, it has developed over the years into a full-fledged, module-based crimeware solution typically aimed at attacking corporations and public infrastructure.
Users infected with the TrickBot trojan will see their device become part of a botnet that attackers use to load second-stage malware – researchers called it an “ideal dropper for almost any additional malware payload.”
Typical consequences of TrickBot infections are bank-account takeover, high-value wire fraud and ransomware attacks. It’s often seen working in concert with Emotet, another concerning and widespread trojan that’s known for its modular design and ability to deliver a range of payloads, including the Ryuk ransomware.
The evolution to adding automated scanning for firmware bugs should make defenders take notice, according to the researchers.
“The addition of UEFI functionality marks an important advance in this ongoing evolution by extending its focus beyond the operating system of the device to lower layers that are often not inspected by security products and researchers,” they explained. “Given that the TrickBot group toolset has been used by some of the most dangerous criminal, Russian and North Korean actors to target healthcare, finance, telecoms, education and critical infrastructure, we view this development as critically important to both enterprise risk and national security.”
Bouncing Back from Takedown
In October, TrickBot was dealt a serious blow thanks to a coordinated action led by Microsoft that disrupted the botnet that spreads it. A District Court granted a request for a court order to halt TrickBot’s operations, which Microsoft carried out in concert with other firms, including ESET, Lumen’s Black Lotus Labs, NTT Ltd., Symantec and others.
“We disrupted TrickBot through a court order we obtained, as well as technical action we executed in partnership with telecommunications providers around the world,” wrote Tom Burt, corporate vice president, Customer Security & Trust, at Microsoft, at the time. “We have now cut off key infrastructure so those operating TrickBot will no longer be able to initiate new infections or activate ransomware already dropped into computer systems.”
However, researchers warned at the time that TrickBot’s operators would quickly try to revive their operations – a prediction which quickly came true.
According to AdvIntel and Eclypsium, active TrickBot infections have swelled in the two months since the takedown, peaking at up to 40,000 new victims in a single day.
“Getting a footprint is not a challenge for TrickBot operators,” they explained. “Determining which victims are high-value targets and persisting in those environments to hit them again later defines a large portion of the TrickBot toolset, and frames the significance of this discovery.”
TrickBoot: UEFI/BIOS Bug Scanning
AdvIntel researchers first discovered the new function when they ran across the name “PermaDll” in a TrickBot attack chain that emerged in October.
“Perma, sounding akin to ‘permanent,’ was intriguing enough on its own to want to understand this module’s role,” researchers explained. “Initial analysis pointed to the possibility there might be capabilities related to understanding whether a victim system’s UEFI firmware could be attacked for purposes of persistence or destruction.”
Analysis showed that the TrickBoot module uses the RwDrv.sys driver from the popular RWEverything tool.
“RWEverything (read-write everything) is a powerful tool that can allow an attacker to write to the firmware on virtually any device component, including the SPI controller that governs the system UEFI/BIOS,” according to the research.
TrickBoot uses this to interact with the firmware’s SPI controller to check if the firmware can be modified, by checking if BIOS write protection is enabled or not.
“TrickBot includes an obfuscated copy of RwDrv.sys embedded within the malware itself,” the researchers said. “It drops the driver into the Windows directory, starts the RwDrv service, and then makes DeviceIoControl calls to talk to the hardware.”
So far, only scanning activity has been detected – however, primitive code for reading, writing and erasing firmware is also built into the module, signaling future activity, according to the firms.
Put Ransomware on the Run: Save your spot for “What’s Next for Ransomware,” a FREE Threatpost webinar on Dec. 16 at 2 p.m. ET. Find out what’s coming in the ransomware world and how to fight back.
Get the latest from John (Austin) Merritt, Cyber Threat Intelligence Analyst at Digital Shadows, and Israel Barak, CISO at Cybereason, on new kinds of attacks. Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack. Register here for the Wed., Dec. 16 for this LIVE webinar.