1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Millions of Gigabyte motherboards were sold with a firmware backd

    From TechnologyDaily@1337:1/100 to All on Thu Jun 1 11:45:03 2023
    Millions of Gigabyte motherboards were sold with a firmware backdoor flaw - see if you're affected

    Date:
    Thu, 01 Jun 2023 10:27:01 +0000

    Description:
    Gigabyte firmware updater was working without proper contingencies, allowing for potential hijacks.

    FULL STORY ======================================================================

    Millions of motherboards built by Gigabyte were shipped out with a firmware backdoor that could have been abused to drop malware to the devices, experts have warned.

    In a blog post , security firm Eclypsium said that it recently spotted backdoor-like behavior within Gigabyte systems in the wild.

    Further analysis discovered that Gigabyte motherboards, a total of 271 different models, carried a hidden mechanism that quietly runs an updater program, which connects to a remote server, downloads, and then executes, software. While it might sound suspicious at best, but most likely malicious, Eclypsium says the updaters goal is a lot more benign: to keep the motherboards firmware up to date. Missing proper authentication

    Be that as it may, the researchers found that the updater is implemented insecurely, allowing threat actors to hijack the updater and use it for their own nefarious purposes. Apparently, the updater downloads code without proper authentication, in some cases even over an HTTP connection (as opposed to HTTPS). This would make man-in-the-middle attacks on rogue Wi-Fi networks a possibility, allowing potential threat actors to spoof the installation
    source and drop malware.

    Its important to note that the updater works from the firmware, and as such
    is immune to antivirus programs, endpoint security solutions, and similar. Read more

    Your motherboard could be infected with some seriously sneaky malware


    Millions of Windows 10 PCs exposed by nasty security vulnerability


    These are the best firewalls today

    So far, Gigabyte has been relatively quiet on the matter. Eclypsium says its now working with the manufacturer on a fix, and other than that, the
    Taiwanese giant did not want to answer any questions, Wired reports.

    The fix would most likely include a firmware update which would need to be pushed to millions of potentially affected devices. Gigabyte will also need
    to find a better way to deliver firmware updates to its hardware. Check out the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/millions-of-gigabyte-motherboards-were-sold-wit h-a-firmware-backdoor-flaw-see-if-youre-affected


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)