Researchers have discovered a stealthy UEFI rootkit used in highly targeted campaigns by APT41, a notorious cyber espionage group suspected of having links to the Chinese government. The group has stood out in the past for carrying out supply chain attacks. Dubbed MoonBounce by Kaspersky Lab researchers, the implant’s goal is to inject a malicious driver into the Windows kernel during the boot phase, giving attackers a high level of persistence and stealth. Even though MoonBounce isn’t the first UEFI rootkit discovered in the wild (LoJax and MosaicRegressor preceded it), implants of this type are uncommon, as they require low-level firmware programming knowledge. They are usually found in the arsenal of sophisticated and well-resourced attack groups.

What is a UEFI rootkit?

The Unified Extensible Firmware Interface, or UEFI, is the modern equivalent of the BIOS. In fact, the two terms are still used interchangeably in many cases, as most modern BIOSes follow the UEFI standard and specification. The firmware is stored on a memory chip called the SPI flash, soldered to the motherboard, and contains the code needed to initialize and configure all other hardware components before execution is handed to the bootloader, which starts the main operating system and its kernel.

UEFI contains various drivers for communicating with other chips on the motherboard, as well as with the CPU and other peripherals. Executing malicious code at such an early stage of a device’s initialization is extremely powerful, as no antivirus or intrusion detection solution operates at this level. Additionally, operating system security features such as driver signature verification have not yet been initialized and can be disabled or bypassed. UEFI rootkits therefore enjoy a head start and a privileged position over most other defenses present on a traditional computer. They can be difficult to detect and can even block normal UEFI updates. Researchers recently discovered a similar low-level implant that infects the Baseboard Management Controller (BMC) firmware of HPE servers and operates on the same principles.

The PC industry has been adding security features to firmware over the past decade to protect against boot-level rootkits. For example, UEFI has Secure Boot, which relies on public key cryptography to verify that all code loaded during the boot process – from UEFI drivers and applications to the operating system bootloader and kernel – has been digitally signed by a trusted party. Various regions of UEFI memory are locked read-only or marked non-executable. However, even though UEFI is a standard, PC manufacturers maintain their own custom implementations for their devices, so the UEFI of one vendor’s computer will differ slightly from that of another manufacturer’s. Over the years, vulnerabilities have been discovered in various vendors’ UEFI implementations that could allow attackers to bypass these security features. Hence the importance of being able to deploy firmware updates easily from the operating system and keep the firmware up to date.

How MoonBounce works

MoonBounce was discovered in a UEFI component called CORE_DXE, where DXE stands for Core Execution Environment. This component initializes data structures and function interfaces that are then called by other DXE drivers. The attackers added malicious shellcode to the CORE_DXE image, then modified its code to hook some legitimate function calls and divert their execution to the shellcode. “At the time of writing this report, we do not have enough evidence to explain how the UEFI firmware was infected in the first place,” Kaspersky researchers said. “However, we assume that the infection itself took place remotely. Unlike other UEFI firmware compromises (LoJax and MosaicRegressor), achieved by adding DXE drivers to the global firmware image on the SPI flash, the technique used this time is much more subtle and stealthy, as it involves modifying an existing piece of firmware to alter its behavior.” This type of modification implies that the attackers had access to the original firmware image. That is possible if the attackers have remote access to the machine and administrative privileges to extract and flash the firmware.

How MoonBounce works. (Photo credit: Kaspersky)

Once executed, the malicious UEFI shellcode injects a malicious driver into the early stages of Windows kernel execution, and this driver then pushes user-mode malware into the svchost.exe process once the operating system is up and running. The user-mode malware is a loader that connects to a hard-coded command-and-control server to download and execute additional payloads, which researchers have not yet been able to retrieve. So far, Kaspersky researchers say they have identified MoonBounce on only one victim machine, so it’s hard to say whether the implant is more widely used. However, it is likely part of a highly targeted cyber espionage campaign. Researchers found other malware on other machines on the same network, including one called ScrambleCross or SideWalk, already documented in the past and attributed to a group of Chinese cyberspies known by different names, including APT41, Barium and Winnti.

The APT41 group at work

The APT41 cyber espionage group is known for its ties to the Chinese government. It has been operating since at least 2012 and has targeted companies across many industries to collect intelligence. However, the group has also been identified in financially motivated attacks on the online gambling industry with no proven state ties, leading researchers to suggest that it may be acting as a contractor rather than as a team within an intelligence agency. In September 2020, the US Department of Justice released indictments against three Chinese nationals and two Malaysians in connection with APT41 attacks. Three of them were involved in running a company called Chengdu 404 Network Technology, which allegedly served as a front company for the group’s activities.

APT41 uses an arsenal of over 46 different malware families and tools, as well as sophisticated techniques such as supply chain attacks. One notable case is the 2017 attack on CCleaner, in which malicious copies of the utility were distributed to 2.2 million users. The group is also believed to be responsible for ShadowPad, an attack that resulted in the distribution of malicious versions of a commercial enterprise server management tool called Xmanager. “As a security measure against this attack and others like it, it is recommended to update the UEFI firmware regularly and to check, if necessary, that BootGuard is activated,” the Kaspersky researchers said. “Similarly, enabling Trusted Platform Modules, in case corresponding hardware is supported on the machine, is also advised. On top of that, using a security product that provides visibility into firmware images could add an extra layer of security, and alert the user to a potential compromise.”
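The Kaspersky advice above about visibility into firmware images, and the earlier point that MoonBounce modifies an existing CORE_DXE component rather than adding a driver, both lead to the same defensive check: hash every firmware volume in an SPI flash dump and compare it against a known-good image from the vendor, because an in-place patch changes the hash of the volume that contains it even when no new driver appears. The Python script below is an added example written for this article; it is not Kaspersky's tooling and not any vendor's code. It locates EFI_FIRMWARE_VOLUME_HEADER structures by their "_FVH" signature, validates the header checksum as the UEFI PI specification defines it, and reports volumes that were modified, removed or added. The dumps it runs on are constructed inline: the `build_volume` fixture, the padding layout and the volume bodies are assumptions made for the example, while the two GUIDs are the standard FFS2 and FFS3 filesystem GUIDs from the PI specification.

```python
"""Differential hashing of UEFI firmware volumes in an SPI flash dump (added example)."""
import hashlib
import struct
import uuid

FV_SIGNATURE = b"_FVH"
FV_SIG_OFFSET = 40   # Signature field sits 40 bytes into EFI_FIRMWARE_VOLUME_HEADER
FV_HEADER_LEN = 56   # fixed part of the header, before the block map entries


def _header_checksum_ok(hdr: bytes) -> bool:
    """Per the PI spec, the header's 16-bit words must sum to zero modulo 2**16."""
    if len(hdr) % 2:
        return False
    return sum(struct.unpack("<%dH" % (len(hdr) // 2), hdr)) % 0x10000 == 0


def find_firmware_volumes(image: bytes):
    """Yield (offset, length, guid) for each top-level firmware volume in the image."""
    pos = 0
    while True:
        idx = image.find(FV_SIGNATURE, pos)
        if idx < 0:
            return
        start = idx - FV_SIG_OFFSET
        pos = idx + 1                      # default: keep scanning past a false hit
        if start < 0 or start + FV_HEADER_LEN > len(image):
            continue
        guid = uuid.UUID(bytes_le=image[start + 16:start + 32])   # FileSystemGuid
        (fv_len,) = struct.unpack_from("<Q", image, start + 32)   # FvLength
        (hdr_len,) = struct.unpack_from("<H", image, start + 48)  # HeaderLength
        if hdr_len < FV_HEADER_LEN or fv_len < hdr_len or start + fv_len > len(image):
            continue
        if not _header_checksum_ok(image[start:start + hdr_len]):
            continue
        yield start, fv_len, str(guid)
        pos = start + fv_len               # skip nested volumes inside this one


def hash_volumes(image: bytes) -> dict:
    """Map each volume's (offset, guid) to the SHA-256 of its complete contents."""
    return {
        (off, guid): hashlib.sha256(image[off:off + length]).hexdigest()
        for off, length, guid in find_firmware_volumes(image)
    }


def diff_images(reference: bytes, candidate: bytes) -> list:
    """Compare a dumped image against a known-good one, volume by volume."""
    ref, cand = hash_volumes(reference), hash_volumes(candidate)
    findings = []
    for key in sorted(set(ref) | set(cand)):
        off, guid = key
        if key not in cand:
            findings.append(("missing", off, guid))
        elif key not in ref:
            findings.append(("added", off, guid))
        elif ref[key] != cand[key]:
            findings.append(("modified", off, guid))
    return findings


def build_volume(guid: str, body: bytes) -> bytes:
    """Constructed test fixture (assumption): a minimal, checksum-valid firmware volume."""
    fv_len = FV_HEADER_LEN + len(body)
    hdr = bytearray(FV_HEADER_LEN)
    hdr[16:32] = uuid.UUID(guid).bytes_le
    struct.pack_into("<Q", hdr, 32, fv_len)
    hdr[40:44] = FV_SIGNATURE
    struct.pack_into("<H", hdr, 48, FV_HEADER_LEN)
    hdr[55] = 2                                        # Revision
    words = sum(struct.unpack("<%dH" % (FV_HEADER_LEN // 2), hdr))
    struct.pack_into("<H", hdr, 50, (-words) % 0x10000)  # Checksum makes the sum zero
    return bytes(hdr) + body


# Constructed sample data: a "known-good" dump with two volumes, and a copy in which
# one byte inside the second volume's body (where DXE drivers would live) was altered.
GUID_PEI = "8c8ce578-8a3d-4f1c-9935-896185c32dd3"   # EFI_FIRMWARE_FILE_SYSTEM2_GUID
GUID_DXE = "5473c07a-3dcb-4dca-bd6f-1e9689e7349a"   # EFI_FIRMWARE_FILE_SYSTEM3_GUID
PEI_VOL = build_volume(GUID_PEI, b"PEI modules " * 4 + b"\xff" * 8)
DXE_VOL = build_volume(GUID_DXE, b"CORE_DXE body " * 4 + b"\xff" * 8)
REFERENCE_IMAGE = b"\xff" * 64 + PEI_VOL + DXE_VOL          # 64 bytes of erased flash first
TAMPERED_IMAGE = bytearray(REFERENCE_IMAGE)
TAMPERED_IMAGE[len(REFERENCE_IMAGE) - 20] ^= 0x41           # in-place patch, no new driver
TAMPERED_IMAGE = bytes(TAMPERED_IMAGE)

if __name__ == "__main__":
    for verdict, off, guid in diff_images(REFERENCE_IMAGE, TAMPERED_IMAGE):
        print(f"{verdict:9s} volume at 0x{off:08x} ({guid})")
```

To use it on real dumps, replace the constructed images with the bytes of a dump taken from the machine and a reference image from the vendor's update package or a freshly provisioned unit of the same model. The comparison works at volume granularity, so a hit tells you which volume to inspect, not which file changed; a UEFI parser such as UEFITool is the natural next step, and volumes holding NVRAM variables will legitimately differ between two otherwise identical machines.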