Researchers have uncovered a new UEFI bootkit that can infect Windows machines from Windows 7 through Windows 10 and persist on the EFI System Partition (ESP) by patching the Windows Boot Manager in place.
The new malware is called ESPecter and is somewhat similar to, but unrelated to, another UEFI bootkit, FinSpy, that Kaspersky disclosed last week. Its origins stretch back to at least 2012 and it has several notable capabilities, including bypassing Windows Driver Signature Enforcement (DSE) to load an unsigned malicious driver as part of its infection process. ESPecter's initial infection vector isn't clear at this point, but researchers at ESET, who discovered the malware, believe it is mainly used for information stealing and espionage and said it may have Chinese authors.
UEFI is the successor to the older BIOS and is the first code that runs when a machine is powered on. UEFI bootkits are rare, and most of those identified in the wild have been SPI flash implants, which live in the firmware image itself, rather than ESP implants, which modify bootloader files stored on disk. The purpose of both types of UEFI malware is to gain control of the lowest level of the machine's boot process and remain hidden and persistent without any obvious signs of compromise. In the case of ESPecter, this is achieved by patching the Windows Boot Manager, the component the firmware hands control to and which then loads the Windows kernel.
“By patching the Windows Boot Manager, attackers achieve execution in the early stages of the system boot process, before the operating system is fully loaded. This allows ESPecter to bypass Windows Driver Signature Enforcement (DSE) in order to execute its own unsigned driver at system startup,” Martin Smolár and Anton Cherepanov of ESET wrote in their analysis of the malware.
“This driver then injects other user-mode components into specific system processes to initiate communication with ESPecter’s C&C server and to allow the attacker to take control of the compromised machine by downloading and running additional malware or executing C&C commands.”
One of the main defenses that modern Windows systems have against malware such as ESPecter is Secure Boot, under which the firmware verifies the digital signature of each UEFI binary before executing it. A patched bootmgfw.efi no longer carries a valid signature, so on a machine with Secure Boot enabled it would be refused; the attackers therefore need Secure Boot to be off. Several vulnerabilities have been identified in UEFI implementations in recent years, so the unidentified attackers behind ESPecter may be able to exploit one or more of them to disable Secure Boot, or, with physical access to a target machine, they could simply turn it off in the firmware setup. Whether Secure Boot is actually enabled on a given Windows machine can be confirmed from an elevated PowerShell session with the Confirm-SecureBootUEFI cmdlet.
The ESPecter code has not changed much in the nearly 10 years since the first known version, even though the Windows boot process has changed considerably in that time. Older versions of the malware targeted machines booting in legacy BIOS mode and modified the Master Boot Record (MBR) to maintain persistence; the newest iteration adds UEFI support by modifying the Windows Boot Manager on the ESP.
“On systems using UEFI Boot mode, ESPecter persistence is established by modifying the Windows Boot Manager bootmgfw.efi and the fallback bootloader binary bootx64.efi, which are usually located in the ESP directories \EFI\Microsoft\Boot\ and \EFI\Boot, respectively. Modification of the bootloader includes adding a new section called .efi to the PE, and changing the executable’s entry point address so program flow jumps to the beginning of the added section,” Smolár and Cherepanov said.
“Starting with the bootloader, in our case Windows Boot Manager (bootmgfw.efi), the bootkit begins by patching the BmFwVerifySelfIntegrity function. This function is responsible for verification of the boot manager’s own digital signature and is intended to prevent execution of a modified boot manager. You can see how ESPecter searches memory for BmFwVerifySelfIntegrity using various byte patterns (to support many bootmgfw.efi versions) and modifies this function in a way that it always returns zero, indicating that verification was successful.”
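The two modifications described above, an appended section and a redirected entry point, are visible in the PE headers of the file on disk, and because ESPecter defeats the boot manager's own self-integrity check in memory, an offline look at the file is the check worth running. The following is an added example, not ESET's code or any Microsoft tooling: a small PE section-table parser that flags a section named `.efi`, an entry point that does not land in `.text`, and an entry point that lands in the last section of the table. The `build_image` helper and the `GENUINE_LAYOUT` section addresses are constructed test input that only mimics the header structure of a boot manager; they are not taken from a real bootmgfw.efi.

```python
"""Offline triage of a UEFI boot manager image (bootmgfw.efi / bootx64.efi).

Added example, not ESET's code. It parses the PE/COFF headers and flags the
modifications described in the article: an appended section (ESPecter names it
".efi") and an entry point that no longer lands in .text. It does not verify
the Authenticode signature; do that separately from a clean system.
"""
import struct


def parse_sections(data):
    """Return (AddressOfEntryPoint, list of section dicts) from a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_opt = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    # AddressOfEntryPoint is at offset 16 of the optional header in PE32 and PE32+.
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    sections = []
    for i in range(num_sections):
        fields = struct.unpack_from("<8sIIIIIIHHI", data, opt + size_of_opt + i * 40)
        sections.append({
            "name": fields[0].rstrip(b"\0").decode("ascii", "replace"),
            "vsize": fields[1], "vaddr": fields[2], "rawsize": fields[3],
            "chars": fields[9],
        })
    return entry_rva, sections


def triage(data):
    """Return a list of findings; an unmodified boot manager yields []."""
    entry_rva, sections = parse_sections(data)
    findings = []
    if any(s["name"] == ".efi" for s in sections):
        findings.append("section named .efi present (ESPecter appends one)")
    # Find the section that contains the entry point RVA.
    home = next((s for s in sections
                 if s["vaddr"] <= entry_rva < s["vaddr"] + max(s["vsize"], s["rawsize"])),
                None)
    if home is None:
        findings.append("entry point 0x%x is outside every section" % entry_rva)
    else:
        if home["name"] != ".text":
            findings.append("entry point 0x%x is in %s, not .text" % (entry_rva, home["name"]))
        if home is sections[-1] and len(sections) > 1:
            findings.append("entry point is in the last section of the table")
    return findings


def build_image(section_specs, entry_rva):
    """Construct a minimal PE32+ header plus section table as synthetic input.
    Constructed test data, not a real boot manager: just enough structure for
    the checks above. section_specs: (name, virtual_address, size, characteristics)."""
    e_lfanew, size_of_opt = 0x80, 0xF0  # 0xF0 = size of a PE32+ optional header
    dos = (b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x8664, len(section_specs), 0, 0, 0, size_of_opt, 0x22)
    opt = struct.pack("<HBBIIII", 0x20B, 14, 0, 0, 0, 0, entry_rva).ljust(size_of_opt, b"\0")
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                    size, vaddr, size, 0, 0, 0, 0, 0, chars)
        for name, vaddr, size, chars in section_specs)
    return dos + b"PE\0\0" + coff + opt + table


# Constructed layout resembling an unmodified boot manager (addresses are made up).
GENUINE_LAYOUT = [
    (".text",  0x1000,  0x80000, 0x60000020),  # code: execute + read
    (".rdata", 0x81000, 0x20000, 0x40000040),  # read-only data
    (".data",  0xA1000, 0x5000,  0xC0000040),  # read/write data
    (".reloc", 0xA6000, 0x3000,  0x42000040),  # relocations
]
CLEAN_IMAGE = build_image(GENUINE_LAYOUT, entry_rva=0x1A00)
# ESPecter-style modification: appended .efi section, entry point redirected into it.
PATCHED_IMAGE = build_image(GENUINE_LAYOUT + [(".efi", 0xA9000, 0x2000, 0xE0000020)],
                            entry_rva=0xA9000)

if __name__ == "__main__":
    import sys
    for label, image in (("clean", CLEAN_IMAGE), ("patched", PATCHED_IMAGE)):
        print(label, triage(image) or "no findings")
    for path in sys.argv[1:]:  # e.g. a copy of bootmgfw.efi pulled from the ESP
        with open(path, "rb") as fh:
            print(path, triage(fh.read()) or "no findings")
```

On a Windows machine the ESP can be mounted from an elevated prompt with `mountvol S: /S`, and both `\EFI\Microsoft\Boot\bootmgfw.efi` and `\EFI\Boot\bootx64.efi` should be copied off and checked, since the quote above says ESPecter patches both. Because the bootkit neutralises the boot manager's in-memory self-check rather than re-signing the file, an offline signature check of the copied file (for instance `Get-AuthenticodeSignature` in PowerShell) or a hash comparison against a known-good copy from installation media is not affected by the patch. The section heuristics here are a triage aid, not proof either way: a clean image with an unusual layout can trip them, and a different bootkit could pick another section name.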
The user-mode component of ESPecter has a full set of capabilities, including a keylogger and the ability to take screenshots.
Smolár and Cherepanov said ESPecter was discovered on a compromised machine, which led to the investigation that unraveled the history and versions of the malware.