Security researchers have found malicious versions of the LoJack anti-theft software on computers belonging to government agencies from the Balkans and Central and Eastern Europe. They attribute the attacks to the a notorious Russian cyberespionage group known as APT28, Fancy Bear or Sednit.
Absolute LoJack, previously known as Computrace, is a highly persistent software that’s preloaded on many laptops and is embedded in their low-level UEFI/BIOS code. Once enabled by users, it allows laptop owners to remotely locate, lock and wipe their devices in case they’re stolen or lost.
Security researchers from Kaspersky Lab warned since 2014 that the Computrace technology can be modified to act as a malicious backdoor. Earlier this year, those fears came true, when researchers from Arbor Networks found samples of the LoJack Windows software agent that had been modified to communicate with a command-and-control server associated with APT28, instead of the legitimate server run by Absolute.
LoJack/Computrace has two components: A software agent for Windows that communicates with Absolute’s service and allows users to perform operations on their stolen devices; and a UEFI module that computer manufacturers preload in firmware. Once turned on by users, the low-level module ensures that the Windows agent gets reinstalled even if the hard drive is wiped.
Researchers from antivirus firm ESET have now found evidence that APT28 not only modified and abused the LoJack Windows agent, but at least in one case, they also successfully wrote a malicious UEFI module into the system’s firmware and used it to drop and execute malware during the boot process.
“This persistence method is particularly invasive as it will not only survive an OS reinstall, but also a hard disk replacement,” the researchers said in a new blog post. “Moreover, cleaning a system’s UEFI firmware means re-flashing it, an operation not commonly done and certainly not by the typical user.”
A computer’s SPI flash memory where the UEFI resides should normally be protected against arbitrary write attempts from inside the OS. However, enabling these protections is up to OEMs and, unfortunately, misconfigured platforms that allows SPI flashing are not uncommon.
According to ESET’s research, on select targets, APT28 used a digitally-signed kernel driver called RwDrv.sys that’s part of a free utility called RWEverything. This driver can be used to read information about a computer’s low-level settings and was used to determine if the SPI flash was protected or not.
The hackers used a second tool to save an image of the system’s firmware, which they then modified to include their malicious module and tried to flash it back to the system with a third tool. On systems where SPI was protected, the attackers attempted to exploit a vulnerability known since 2015 that can be used to bypass those restrictions.
To differentiate between the legitimate anti-theft technology and the trojanized version, ESET refers to APT28’s UEFI rootkit as LoJax.
“In cases of LoJax compromise, traces of other Sednit tools were never far away,” the researchers said. “In fact, systems targeted by LoJax usually also showed signs of these three examples of Sednit malware: SedUploader, a first-stage backdoor; XAgent, Sednit’s flagship backdoor; and Xtunnel, a network proxy tool that can relay any kind of network traffic between a C&C server on the Internet and an endpoint computer inside a local network. These facts allow us to attribute LoJax with high confidence to the Sednit group.”
Sednit/APT28 has been responsible for many high-profile attacks over the years, including the data breach at the U.S. Democratic National Committee in 2016. Earlier this year, the U.S. Department of Justice indicted 12 officers of the Russian military intelligence agency (GRU) for interfering in the 2016 U.S. presidential elections. That indictment attributes the X-Agent malware, APT28’s main tool, to the GRU, effectively linking the hacker group to the Russian government.
The best protection against UEFI rootkits is to turn on Secure Boot in firmware. When this feature is on, all firmware components and code loaded during the boot process need to be digitally signed with a trusted key; otherwise, it’s not executed.
Users also should make sure they’re using the latest UEFI version available for their laptop, as these updates might fix misconfigurations or vulnerabilities that could allow attackers to arbitrary write to the SPI flash memory.