The ransomware breach of hardware manufacturer Micro-Star International, better known as MSI, has raised concerns about supply chain attacks that could inject malicious updates signed with the company's own signing key, a key trusted by a large base of end-user devices, a researcher said.
“It’s like a doomsday scenario where it’s very difficult to update devices simultaneously, and they stay for a while not up to date and use the old key for authentication,” Alex Matrosov, CEO, head of research, and founder of security firm Binarly, said in an interview. “It’s very difficult to solve, and I don’t think MSI has any backup solution to really block leaked keys.”
Leaked key + no recovery = recipe for disaster
The intrusion came to light in April when, as Bleeping Computer first reported, the Money Message ransomware group’s extortion portal listed MSI as a new victim and published screenshots showing folders containing private encryption keys, source code, and other data. A day later, MSI issued a brief advisory saying that it “suffered a cyberattack on part of its information systems.” The advisory encourages customers to get updates from the MSI website only. It doesn’t talk about leaked keys.
Since then, Matrosov has analyzed data released by the Money Message site on the dark web. To his alarm, the trove included two private signing keys. The first is the key MSI uses to digitally sign its firmware updates, so that devices can cryptographically verify an update is genuine MSI code rather than a malicious impostor planted by a threat actor.
This raises the possibility that the leaked key could be used to sign updates that infect the lowest regions of a computer without triggering any warning. To make matters worse, Matrosov said, MSI does not have an automated patching process the way Dell, HP, and many larger hardware manufacturers do. As a consequence, MSI does not provide the same kind of key revocation capability: there is no established channel for pushing a replacement key to devices in the field and telling them to stop trusting the leaked one.
“Too bad, it doesn’t happen often,” he said. “They need to pay more attention to this incident because there are serious security implications here.”
Adding to the concern, MSI has so far remained radio silent on the matter. Company representatives did not respond to emails seeking comment and asking if the company plans to issue guidance to its customers.
Over the past decade, supply chain attacks have delivered malicious payloads to thousands of users in a single incident when victims did nothing more than install a validly signed update. One example is the 2019 compromise of the software build and distribution system of SolarWinds, maker of the Orion network management software.
With control over the private key used to certify legitimate updates, the Kremlin-backed hacking unit known as APT29 and Cozy Bear, believed to be part of Russia’s Foreign Intelligence Service, infected more than 18,000 customers with first-stage malware. Nine federal agencies and about 100 private companies received follow-on payloads that installed backdoors for use in espionage.
In March, 3CX, maker of popular VoIP phone software used by more than 600,000 organizations in 190 countries, disclosed a breach of its build system. The hackers behind the intrusion, who according to researchers work for the North Korean government, used their foothold to deliver malicious updates to an unknown number of customers.
The security company Mandiant later reported that the 3CX compromise was itself the result of an earlier supply chain attack on software developer Trading Technologies, maker of the X_Trader financial trading program, a trojanized copy of which had been installed by a 3CX employee.
There have been no reports of any supply chain attacks targeting MSI customers. Gaining the kind of control needed to compromise a software build system is no trivial feat; it requires a lot of skill and possibly luck. Because MSI has neither an automatic update mechanism nor a key revocation process, though, the bar may be lower.
Regardless of the difficulty, possession of the signing key MSI uses to cryptographically verify the authenticity of its installer files greatly reduces the effort and resources required to pull off an effective supply chain attack.
“The worst case scenario is if attackers get not only access to the keys but can also distribute this malicious update [using those keys],” said Matrosov.
In an advisory, the Netherlands’ National Cyber Security Centre (NCSC) did not rule out the possibility.
“Because successful abuse is technically complex and in principle requires local access to a vulnerable system, NCSC considers the risk of abuse to be low,” NCSC officials wrote. “However, it is not inconceivable that the leaked keys will be misused in targeted attacks. The NCSC has not been aware of any indication of misuse of the leaked key material.”
Adding to the threat, the Money Message hackers also obtained the private signing key used by the Intel Boot Guard implementation on MSI boards. Other hardware manufacturers provision their own Boot Guard keys, which are not affected. In an email, an Intel spokesperson wrote:
Intel is aware of these reports and is actively investigating. There are researchers who claim that private signing keys are included in the data including MSI OEM Signing Keys for Intel BootGuard. It should be noted that Intel BootGuard OEM keys are created by the system manufacturer, and they are not Intel signature keys.
Intel Boot Guard is built into modern Intel platforms and is designed to prevent the loading of malicious firmware, typically in the form of a UEFI bootkit. Such malware lives in the flash storage soldered onto the motherboard, is difficult if not impossible to detect, and is the first thing to execute every time the computer is turned on. UEFI infections load before the operating system starts, making it possible to bypass OS-level protections and hide from endpoint security software. Boot Guard works by checking, at boot, that the firmware was signed by the OEM’s key; a hash of that key is burned into one-time-programmable fuses in the chipset when the board is manufactured, which is exactly why a leaked Boot Guard key cannot be revoked or replaced on boards already in the field.
Possession of both keys further raises the stakes of a worst-case scenario. Wednesday’s advisory from the NCSC explains:
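To make concrete why a leaked signing key with no revocation path is so damaging (both for the firmware update key described earlier and for the fused Boot Guard key described above), here is an added example that is not MSI’s code, Intel’s code, or anything from the original article. It models a signed firmware capsule, a board that pins a vendor key, and a key rotation that only some boards ever receive. The capsule format, key IDs, board names and image contents are all constructed for the example, and Ed25519 stands in for whatever signature scheme a real vendor uses; a real rotation update would additionally need rollback protection, which is omitted here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// KeyID names a public key by the SHA-256 of its bytes, so a capsule can say
// which vendor key signed it. The capsule format is constructed for this example.
type KeyID [32]byte

func IDOf(pub ed25519.PublicKey) KeyID { return sha256.Sum256(pub) }

// Update is a stand-in for a signed firmware capsule.
type Update struct {
	Image []byte
	Key   KeyID
	Sig   []byte
}

// Sign is what the vendor's release pipeline does; whoever holds priv can do it.
func Sign(priv ed25519.PrivateKey, image []byte) Update {
	pub := priv.Public().(ed25519.PublicKey)
	return Update{Image: image, Key: IDOf(pub), Sig: ed25519.Sign(priv, image)}
}

// Device models a board's verifier: trusted keys, a revocation list, and a
// flag for an anchor burned into one-time fuses (the Boot Guard case).
type Device struct {
	Name    string
	Fused   bool
	Trusted map[KeyID]ed25519.PublicKey
	Revoked map[KeyID]bool
}

func NewDevice(name string, pub ed25519.PublicKey, fused bool) *Device {
	return &Device{Name: name, Fused: fused,
		Trusted: map[KeyID]ed25519.PublicKey{IDOf(pub): pub},
		Revoked: map[KeyID]bool{}}
}

// Accept is the check run before flashing: refuse revoked or unknown keys,
// then verify the signature with the named trusted key.
func (d *Device) Accept(u Update) bool {
	pub, ok := d.Trusted[u.Key]
	if d.Revoked[u.Key] || !ok {
		return false
	}
	return ed25519.Verify(pub, u.Image, u.Sig)
}

// Rotate installs a replacement key and revokes the old one. In the field this
// arrives as an update signed by the old (leaked) key, and every board that never
// applies it keeps trusting that key. A fused anchor cannot rotate at all.
func (d *Device) Rotate(oldID KeyID, newPub ed25519.PublicKey) bool {
	if d.Fused {
		return false
	}
	d.Trusted[IDOf(newPub)] = newPub
	delete(d.Trusted, oldID)
	d.Revoked[oldID] = true
	return true
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Outcome: does each kind of board accept an image signed with the leaked key?
type Outcome struct{ Rotated, Stale, Fused bool }

// Scenario plays the leak through: a genuine update, an attacker holding the
// leaked private key, then a key rotation that only one board applies.
func Scenario() Outcome {
	oemPub, oemPriv := mustKey()
	rotated := NewDevice("board-A", oemPub, false) // applies the rotation
	stale := NewDevice("board-B", oemPub, false)   // never receives it
	fused := NewDevice("board-C", oemPub, true)    // anchor in fuses
	good := Sign(oemPriv, []byte("vendor BIOS v1.0 (constructed image)"))
	for _, d := range []*Device{rotated, stale, fused} {
		if !d.Accept(good) {
			panic(d.Name + ": genuine update must verify")
		}
	}
	// The leak: the attacker holds oemPriv, so this signature is valid too.
	evil := Sign(oemPriv, []byte("UEFI bootkit (constructed image)"))
	newPub, _ := mustKey() // the vendor's only remedy is a replacement key
	rotated.Rotate(IDOf(oemPub), newPub)
	fused.Rotate(IDOf(oemPub), newPub) // returns false; anchor unchanged
	return Outcome{rotated.Accept(evil), stale.Accept(evil), fused.Accept(evil)}
}

func main() {
	o := Scenario()
	fmt.Printf("rotated %v, stale %v, fused %v accept the attacker image\n",
		o.Rotated, o.Stale, o.Fused)
}
```

Only the board that actually received and applied the rotation rejects the attacker’s image; the board that missed the rotation and the board whose anchor is in fuses both flash it, because the signature is, by every check they can perform, genuine. The verifier itself is not at fault: the same Accept logic correctly rejects a tampered image or an unknown key. The only defence after a leak is getting the rotation onto every device, which is precisely what the article says MSI has no mechanism for.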
Intel Boot Guard is a technology developed by Intel. Intel Boot Guard verifies that the motherboard firmware is digitally signed by the vendor during the boot process of a system. The leaked MSI Intel Boot Guard and firmware keys enable an attacker to sign their own malicious firmware. An attacker with (in principle local) access to a vulnerable system can install and run this firmware. This gives the attacker remote access to the system, bypassing all previous security measures. For example, an attacker can gain access to data stored in the system or use the access to perform additional attacks.
Chip manufacturer Intel informed the NCSC that the leaked private keys were MSI-specific and therefore only available on MSI systems. However, MSI motherboards can be integrated with products from other vendors. As a result, abuse of leaked keys can also occur in these systems. See “Possible Solutions” for more information on affected systems.
For now, people using the affected hardware, which currently appears to be limited to MSI customers and possibly third parties that integrate MSI boards into their own products, should be extra cautious with any firmware update, even one that is validly signed, and obtain updates only from MSI’s own website.