Security researchers have discovered the notorious Trickbot malware has changed and is now targeting firmware.
The malware, often used by threat actors to drop ransomware, has garnered much attention over the past few months with multiple takedown attempts, including a technical disruption reportedly led by U.S. Cyber Command. Microsoft led a legal takedown in October, which offered a temporary pause in activity. Despite those efforts, Trickbot operators have updated the malware with new capabilities.
In a new research paper, security vendors Advanced Intelligence and Eclypsium revealed that a new module for the malware, dubbed "TrickBoot," can inspect the Unified Extensible Firmware Interface (UEFI)/BIOS firmware of targeted systems. Using that functionality, attackers can search for vulnerabilities that would allow them to essentially take over the UEFI/BIOS firmware of a device and read, write or delete data. Threats against the UEFI are especially concerning for two reasons: it is an essential part of any modern computing device, and malicious code planted in the UEFI can survive operating system (OS) reinstalls.
While exploitation has not been detected in the wild, researchers did observe Trickbot performing reconnaissance for firmware vulnerabilities.
"It is quite possible that threat actors are already exploiting these vulnerabilities against high-value targets. Similar UEFI-focused threats have gone years before they have been detected. Indeed, this is precisely their value to attackers," Advanced Intelligence and Eclypsium wrote in the research paper.
Jesse Michael, principal researcher at Eclypsium, told SearchSecurity the TrickBoot module provides additional leverage because threat actors can intentionally brick a target system. "It also can be done if a bricking attack or permanent denial of service attack is something that their particular motivation affords," he said. "That's something they didn't even try to ransom."
According to Eclypsium principal strategist Scott Scheferman, there are many ways cybercriminal groups can benefit from the TrickBoot module, including maintaining persistent access to a victim's network.
"You pay [ransomware actors] the money and they show you they got rid of the backdoors and you feel like you're good," he said. "You've done host-level forensics so you think you've eradicated it, but if they got the firmware, there they stay. They can either take that same footprint and repurpose it and sell it to another third party later, or you've got this persistence. Let's just come back three months later and hit the same organization because they just paid."
According to the report, by implanting malicious code in firmware, attackers can ensure their code is the first to run.
"Bootkits allow an attacker to control how the operating system is booted or even directly modify the OS to gain complete control over a system and subvert higher-layer security controls. UEFI level implants are the deepest, most powerful, and stealthy form of bootkits," Advanced Intelligence and Eclypsium wrote in the paper.
In addition to TrickBoot taking new aim at firmware, the type of victim targeted has also changed, Michael said. "Before the nation-states were going after specific, precise targets, and this is more a broad spread that goes after anyone who is in this Trickbot botnet. The change in target will have a significant change in the type of sites that will be present here."
According to Scheferman, this is the first time they're seeing such a widely deployed criminal malware infrastructure at such a massive scale. "That has everything from national security implications all the way down to practical challenges."
While the scope may be broad, the sophistication level is low.
"They took some code, a large portion of it is open source already, and folded that as a singular capability in this one module," Scheferman said.
Michael said there are much more difficult things the operators are doing in the rest of the Trickbot system. "[TrickBoot] is relatively straightforward and simple. There is a wealth of information on how to do this. Someone who is familiar with this space a little bit and who knows what registers are there could write this code in a day or two."
The report also highlights the resilience of Trickbot, referring to it as "one of the most adaptable pieces of malware today." Trickbot's history includes the reuse of established tools and exploits such as Mimikatz and EternalBlue, and according to the report, it's taking a similar approach to achieving persistence.
"The addition of UEFI functionality marks an important advance in this ongoing evolution by extending its focus beyond the operating system of the device to lower layers that are often not inspected by security products and researchers," Advanced Intelligence and Eclypsium wrote in the paper.
In a single day last month alone, 40,000 active, fully compromised devices were observed, according to the research paper.
"TrickBot is digging into the hidden area of firmware that is often overlooked. This presents a greater risk than ever before because the scale of TrickBot, which has previously brought highly disruptive ransomware, now brings firmware attacks to many more organizations who are likely unprepared for such techniques," Advanced Intelligence and Eclypsium wrote in the paper.
In addition, Eclypsium researchers said there are potentially millions of vulnerable devices that could fall victim to TrickBoot. Scheferman said the exact number of systems at risk is difficult to determine.
"Nobody could actually know. No two environments are alike because some organizations do patch firmware possibly, other ones absolutely don’t. Some operational environments never probably will because it's unplanned or planned downtime that costs them money," he said.
There have been multiple efforts to disrupt Trickbot, including a pre-election attempt in October by a Microsoft-led coalition. Because ransomware attacks posed a threat to Election Day security, taking down the ransomware dropper was a top priority. And while the coalition succeeded in reducing Trickbot activity, with Microsoft saying it had eliminated 94% of the botnet's operational infrastructure at one point, the operators quickly adapted and resurfaced with a new threat.
Scheferman and Michael told SearchSecurity they were not surprised in how Trickbot was updated following the takedowns. According to Scheferman, the new module was discovered on Oct. 19, the same week as the takedowns.
"This is just Trickbot being Trickbot. It is the world's most, as far as criminal groups go, the most sophisticated coding proactively. Coding all these different modules that have these unique capabilities that they bring along to a fight only as they need to," Scheferman said. "They don't show you the whole arsenal capabilities, they only do what they need to do so discovering something like this in the wild is difficult."
While this is a new direction for the Trickbot malware, firmware threats have been a growing concern within the infosec community for some time.
One example, which was discovered by Eclypsium in July, was a bootloader vulnerability that bypassed Secure Boot protection. Secure Boot was designed to ensure that a device is using authorized bootloaders and firmware by authenticating the software with valid digital signatures. However, the hardware security vendor uncovered a problem with how GRUB2, a Linux bootloader, parses its configuration file, which allowed unauthorized parties to bypass the signature check. The vulnerability, dubbed "BootHole," received an 8.6 CVSS score and affected a majority of modern Linux and Windows systems.
In October, Kaspersky Lab warned of another firmware threat dubbed MosaicRegressor. In that case, a rare type of malware known as a firmware bootkit was used to establish persistence on target computers. Kaspersky observed its use in the wild by a Chinese-speaking hacking group.
Email security vendor Proofpoint has also observed the operators behind Trickbot updating some of their malware, according to Sherrod DeGrippo, senior director of threat research and detection.
"Proofpoint has not observed a significant change in the Trick volumes despite the disruptive activities by U.S. Cyber Command and the Microsoft-led coalition," she said in an email to SearchSecurity. "That said, we have observed the Trick actors updating some of their malware as a likely response to the activity. The Trick has demonstrated that its botnet is resilient to disruptive actions by governments and security vendors; however, it is not immune to future disruption. We anticipate a higher velocity of infrastructure changes and malware updates to occur in the near term."
Mitigation options offered in the research paper include firmware integrity checks for any device that is known to have been compromised by Trickbot. The most important mitigation, according to Michael, is applying firmware updates.
"Given the popularity of TrickBot in the wild, it is important for security teams to ensure that their devices are not vulnerable and have not been compromised. Check devices to ensure that BIOS write protections are enabled. Update firmware to mitigate numerous vulnerabilities that have been discovered," Advanced Intelligence and Eclypsium wrote in the paper.
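As an added illustration of the "BIOS write protections are enabled" check recommended above (this is not code from the report or from Eclypsium), the following Python decodes the Intel PCH BIOS_CNTL register and reports which protection bits are missing. It assumes the bit layout from Intel PCH datasheets, and the sample register values are constructed rather than read from any real system.

```python
# Added example, not code from the TrickBoot report: decode the Intel PCH
# BIOS_CNTL register to judge whether SPI BIOS write protection is in force.
# Bit layout assumed from Intel PCH datasheets (the fields chipsec's
# common.bios_wp module evaluates). Older PCHs expose it in the LPC bridge's
# PCI config space (00:1f.0 offset 0xDC, e.g. `setpci -s 00:1f.0 0xdc.b`);
# 100-series and later PCHs expose it via the SPI controller (00:1f.5).
from dataclasses import dataclass

BIOSWE = 1 << 0   # BIOS Write Enable: 1 = OS may write the BIOS region
BLE = 1 << 1      # BIOS Lock Enable: 1 = setting BIOSWE raises an SMI
SMM_BWP = 1 << 5  # SMM BIOS Write Protect: 1 = writes allowed only from SMM

# Constructed sample readings, not values from any real system.
SAMPLES = {"locked_down": 0x2A, "ble_only": 0x0A, "open": 0x01}

@dataclass(frozen=True)
class BiosWriteProtection:
    bioswe: bool
    ble: bool
    smm_bwp: bool

    @property
    def protected(self) -> bool:
        # BLE alone is not enough: on a multi-core system BIOSWE can be set
        # and used before the SMI handler clears it, so SMM_BWP is required.
        return (not self.bioswe) and self.ble and self.smm_bwp

    def findings(self) -> list[str]:
        notes = []
        if self.bioswe:
            notes.append("BIOSWE set: BIOS region is writable from the OS")
        if not self.ble:
            notes.append("BLE clear: BIOSWE can be re-enabled without an SMI")
        if not self.smm_bwp:
            notes.append("SMM_BWP clear: writes are not restricted to SMM")
        return notes

def decode_bios_cntl(value: int) -> BiosWriteProtection:
    if not 0 <= value <= 0xFF:
        raise ValueError("BIOS_CNTL is an 8-bit register")
    return BiosWriteProtection(bool(value & BIOSWE), bool(value & BLE),
                               bool(value & SMM_BWP))

def assess(value: int) -> tuple[bool, list[str]]:
    """Return (protected, findings) for a raw BIOS_CNTL byte."""
    bc = decode_bios_cntl(value)
    return bc.protected, bc.findings()
```

Feed `assess()` the byte read from the platform's BIOS_CNTL register (for example `assess(int("2a", 16))` from the `setpci` output); an empty findings list with `protected` True is the state the report's mitigation calls for.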