FYI: Intel BootGuard OEM private keys leak from MSI cyber heist
Plus: Court-ordered domain seizures of DDoS-for-hire sites
Updated Intel is investigating reports that BootGuard private keys, used to protect PCs from hidden malware, were leaked when data belonging to Micro-Star International (MSI) was stolen and dumped online.
It's understood the private keys were generated by MSI to use with Intel's BootGuard technology, and were among internal source code and other materials taken from the computer parts maker's IT systems last month – at least some of which has since been shared on the internet.
PCs with Intel chips and BootGuard protection enabled and configured will, typically and generally speaking, only run firmware if it is digitally signed using keys like those leaked from MSI. That firmware starts the OS – a process described by Intel here [PDF] and required to satisfy Windows Secure Boot requirements.
If the firmware isn't correctly digitally signed, it could be because someone has tried to subvert the code to insert some unauthorized spyware below the operating system, out of sight of antivirus and other defense tools. Ideally, you want BootGuard to prevent such strange firmware from starting.
If someone has these private BootGuard keys, they could sign their malware so that the code is trusted and run by MSI computers rather than blocked. In effect, the leak of these keys hinders the ability for MSI computers to use Intel's BootGuard to block bad, unwanted, or malicious firmware, which is not great.
The leaked private keys affect 116 products, according to Binarly CEO Alex Matrosov, whose security biz was among those probing the extent of the leak. Binarly shared on GitHub a list of MSI products, as well as other firmware signing keys, compromised by the data theft.
Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys
"Intel is aware of these reports and actively investigating," an Intel spokesperson told The Register on Monday.
"There have been researcher claims that private signing keys are included in the data including MSI OEM Signing Keys for Intel BootGuard. It should be noted that Intel BootGuard OEM keys are generated by the system manufacturer, and these are not Intel signing keys."
If miscreants can bypass the BootGuard technology, they could gain full system access, steal sensitive data, and perform all sorts of illicit activities without being noticed as their malware runs underneath the OS and antivirus packages.
BootGuard's security is baked in, with silicon-level fuses in the chips – so if these private keys leak, there's no easy fix in terms of revoking the keys, or generating and using fresh private-public key pairs for machines already out there. As we understand it, the chipset has the public half of these MSI-issued firmware signing keys fixed in place, and the private half has leaked. If that's the case, MSI-based computer systems in use today are at risk from miscreants using the private keys to sign code that will pass all checks.
In late March, an extortion gang called Money Message invaded MSI and claimed it had stolen 1.5TB of data. This, according to the criminals' dark web site, included MSI's CTMS and ERP databases, as well as source code, private keys, and BIOS firmware.
The crooks posted screenshots to prove it, and threatened to release this data unless MSI paid a $4 million ransom. It's understood at least some of that information – such as the MSI firmware source code and private BootGuard keys – has escaped into the wild from the extortionists' leak site.
- MSI hit in cyberattack, warns against installing knock-off firmware
- Nearly 300 MSI motherboards will run any old code in Secure Boot, no questions asked
- Acer confirms server intrusion after miscreant offers 160GB cache of stolen files
- Western Digital: Customer info stolen in that IT attack
On Friday, Matrosov said he had confirmed the Intel OEM private key leak, "causing an impact on the entire ecosystem."
The Feds have also seized 13 internet domains selling distributed-denial-of-service attacks as part of the Justice Department's ongoing game of whac-a-mole with these network-attacking "booter" websites.
The DOJ announced four men pleaded guilty earlier this year to federal charges related to their roles in booter websites – either operating the websites or participating in the DDoS-for-hire services. The four are: Jeremiah Sam Evans Miller, 23, of San Antonio, Texas; Angel Manuel Colon Jr, 37, of Belleview, Florida; Shamar Shattock, 19, of Margate, Florida; and Cory Anthony Palmer, 23, of Lauderhill, Florida.
Like horror movie monsters, these DDoS-for-hire sites don't stay dead for very long. In fact, 10 of the 13 domains announced today [PDF] are reincarnations of services that were supposedly shut down in December, during an earlier court-ordered seizure.
"Some of these sites returned within a span of days following the previous seizure, and others over the following weeks," the court documents [PDF] say, adding that in most cases the new domains were only "superficially changed." CyberStress, for example, was seized as cyberstress.us, and then began operating as cyberstress.org.
The FBI said it tested all the 13 sites to verify that they were selling DDoS attack services – and accepting payments for these. It also told the court that in all 13, illegal activities crossed the US border. For example: some had domains registered in the US, but were hosted by a company outside the US or associated with a payment processor outside the US.
"It appears that Intel BootGuard may not be effective on certain [MSI] devices based on the 11th Tiger Lake, 12th Adler Lake, and 13th Raptor Lake," Matrosov continued. "Our investigation is ongoing, stay tuned for updates."
It's believed the leak may affect Lenovo, Supermicro, "and many others" in Intel's ecosystem, according to Binarly. Neither Lenovo nor Supermicro responded to The Register's inquiries, but we will update this story if and when we hear back from these manufacturers. ®
Updated to add
"Based on our current review and investigation, Supermicro products are not affected," a Supermicro spokesperson told us. Any updates will be posted on the company's security advisory portal.