It really wasn’t all that long ago that user workstations didn’t typically run anti-virus software. The first “IBM Compatible” in-the-wild virus wasn’t found until 1986. McAfee VirusScan was released in 1987. Symantec’s Norton Anti-Virus was released in 1991. Kaspersky Lab was founded in 1997. The widespread adoption of the Internet hastened the spread of computer viruses exponentially. Prior to that, viruses typically spread through infected media, like floppy disks. In the mid to late 1990s, it wasn’t uncommon at all for organizations to have no anti-virus software deployed on workstations across the enterprise.
Over the years, viruses have mutated, delivered more vicious payloads, and so on, but the sophistication of anti-virus/anti-malware software has escalated as well. Although new threats emerge every day, many (not necessarily all) are removable or recoverable, with varying amounts of effort. Although the first in-the-wild virus targeted at Linux-based systems was found in 1996, the vast majority of viruses appear to have been targeted at Microsoft Windows-based systems. As a generalization, these viruses exploited frailties discovered in the Microsoft Windows operating system, or in applications running on top of it.
In relative terms, a “new” type of threat has emerged. Instead of exploiting frailties in the operating system or applications, there are now exploits that take advantage of deficiencies in the firmware that actually interacts directly with the physical hardware.
In case you are not familiar with the term, a bootkit is a type of rootkit malware that initiates before the operating system loads and therefore can take control of the entire system. Although the likelihood of becoming infected by a bootkit is usually relatively slim, if the exploit takes hold on your system, it can be devastating.
The bootkit being discussed here is not targeted at the massive number of Windows workstations in the world. Back in December 2014, the first ever publicly known OS X bootkit was presented at the Chaos Computer Club conference in Hamburg, Germany. It is specifically targeted at Apple MacBook devices. Trammell Hudson developed the attack and named it Thunderstrike. It exploits a vulnerability deep in the core of the firmware of the MacBook. Here is a link to Hudson’s own posting on the topic, including a link to a video of his actual presentation (https://trmm.net/Thunderstrike_31c3).
The insidious thing about this bootkit is that even if you go to the extreme of re-installing the operating system, wiping the disk drive clean, or even replacing the hard drive, the bootkit is still present.
How It Gets In…
This article is not going to even attempt to explain all of the fine details of how Thunderstrike actually gets “into” a MacBook. However, at a higher level, here is essentially what happens. If a user plugs an “infecting” device into the Thunderbolt port on a MacBook, and then boots the system, the device injects an “Option ROM” into the Extensible Firmware Interface (EFI) of the MacBook. The Option ROM replaces the RSA key that the MacBook uses to ensure that only authorized firmware is installed. From there, the Thunderbolt device can install malicious firmware that can’t easily be removed by anyone who doesn’t have the new key. What is important to know here is that the infecting device only needs to be connected during a power-up cycle. No logon or actual access to the operating system is required. If your MacBook is left alone where an attacker can momentarily plug in the infecting device, your machine is compromised. The actual attack could take place in your hotel room, during a security scan at the airport, or even during shipping, before you ever receive your brand new MacBook.
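To make the key-replacement step concrete, here is a small model of it in Python. This is an added illustration, not code from this article or from Hudson’s research, and it does not reproduce Apple’s firmware update format or EFI internals: the “machine” is a dictionary holding the public key its updater trusts, the RSA keys are small textbook primes chosen for illustration only, and the pinned-fingerprint check at the end is a hypothetical defender control. It shows why swapping the trusted key locks the legitimate vendor out of its own firmware while letting attacker-signed images in, and how comparing the stored key against a baseline recorded off the device exposes the swap.

```python
"""Model of a firmware updater whose trusted signing key gets swapped,
plus a defender check that pins the expected key fingerprint.

Added example; the RSA parameters are tiny, constructed, and not secure.
"""
import hashlib


def make_key(p, q, e=65537):
    """Textbook RSA keypair from two primes (constructed toy parameters)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return {"n": n, "e": e, "d": d}


def public(key):
    return {"n": key["n"], "e": key["e"]}


def body_digest(body, n):
    """SHA-256 of the firmware body, reduced modulo n so the toy RSA can sign it."""
    return int.from_bytes(hashlib.sha256(body).digest(), "big") % n


def sign(body, key):
    return pow(body_digest(body, key["n"]), key["d"], key["n"])


def verify(body, sig, pub):
    return pow(sig, pub["e"], pub["n"]) == body_digest(body, pub["n"])


def fingerprint(pub):
    """Short identifier for a public key, the kind of value an asset inventory could record."""
    return hashlib.sha256(f"{pub['n']}:{pub['e']}".encode()).hexdigest()[:16]


# Two parties: the legitimate firmware vendor and the Option ROM's author.
VENDOR_KEY = make_key(1000003, 999983)
ATTACKER_KEY = make_key(104729, 104723)


def fresh_machine():
    """EFI state as shipped: the updater trusts only the vendor's public key."""
    return {"trusted_pub": public(VENDOR_KEY), "firmware": b"vendor firmware v1"}


def apply_update(machine, body, sig):
    """Install a firmware body only if its signature verifies under the stored key."""
    if not verify(body, sig, machine["trusted_pub"]):
        return False
    machine["firmware"] = body
    return True


def option_rom_key_swap(machine):
    """The step the article describes, modelled as overwriting the stored trusted key."""
    machine["trusted_pub"] = public(ATTACKER_KEY)


def pinned_key_check(machine, baseline_fp):
    """Hypothetical defender check: does EFI still trust the key recorded at enrolment?"""
    return fingerprint(machine["trusted_pub"]) == baseline_fp


def demo():
    baseline_fp = fingerprint(public(VENDOR_KEY))  # recorded off-device at enrolment
    m = fresh_machine()

    v2 = b"vendor firmware v2"
    vendor_ok_before = apply_update(m, v2, sign(v2, VENDOR_KEY))

    option_rom_key_swap(m)

    v3 = b"vendor firmware v3"
    vendor_ok_after = apply_update(m, v3, sign(v3, VENDOR_KEY))
    mal = b"attacker firmware"
    attacker_ok_after = apply_update(m, mal, sign(mal, ATTACKER_KEY))

    return {
        "vendor_update_before_swap": vendor_ok_before,
        "vendor_update_after_swap": vendor_ok_after,
        "attacker_update_after_swap": attacker_ok_after,
        "installed": m["firmware"],
        "swap_detected": not pinned_key_check(m, baseline_fp),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of the last check is that the verification key cannot be trusted to audit itself: once the Option ROM controls the key stored in EFI, every signature check the machine performs is against the attacker’s key, so a baseline kept outside the machine (in an inventory, or compared by an external firmware dump) is what makes the replacement visible.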
To proliferate itself, Thunderstrike could deliver a payload that writes itself to any Thunderbolt device connected to the MacBook at a future point in time. For purposes of illustration, Hudson demonstrated this exploit using a Gigabit Ethernet adapter that connects to a MacBook via the Thunderbolt port. It is not difficult to conjecture that other Thunderbolt connected devices could be exploited as well. As Thunderbolt connected devices are often shared devices, it is not difficult to see how this could spread from one MacBook to another.
On first hearing how Thunderstrike is deployed, one has to wonder why the ROM firmware could be written during power up. After all, ROM is an acronym for “Read Only Memory.” The term “read only” does imply that it can’t be overwritten. Hudson figured out that the Option ROM is actually writable during the early portion of the power-up cycle, and that the MacBook Option ROMs are loaded during a recovery mode boot. As a result, whenever the MacBook is brought out of hibernation (simply opening the MacBook after closing it while still powered on), the infected Option ROMs are loaded, and the payload is delivered.
Hudson’s work was specifically done using the MacBook’s Thunderbolt port. In all fairness to Apple, the fact that this vulnerability is actually an attack administered through the firmware, not directly through the operating system, appears to imply that OS X is still a fairly secure operating system when compared to others. It is doubtful that OS X is as impenetrable as Apple, or your friend with the MacBook, would like it to be. Market share, if nothing else, makes Microsoft Windows devices a bigger target. As a result, virus authors attempt to exploit deficiencies in those devices much more often than MacBooks.
MacBooks are used extensively every day. If you use a MacBook, should you feel more vulnerable after learning about Thunderstrike? The answer is a resounding “No.” Before learning about this, you knew that vulnerabilities likely existed; you just didn’t know what one of them was.
What everyone needs to take away from this is twofold:
1) No device is impenetrable, regardless of the operating system or hardware.
2) Physical security is paramount.
Thunderstrike highlights a specific vulnerability. What should be of concern to all computer users is the likelihood of similar vulnerabilities. What if this same type of vulnerability exists with USB connected devices? How many other hardware manufacturers have vulnerabilities in their firmware that can be exploited in a similar manner?
Brian E. Holzer, CCE-V, CCP-N, CCP-M, CCA-N (former CCI)
Innovative Integration, Inc.