Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Millions of Gigabyte motherboards were sold with a firmware backdoor flaw - see if you're affected

Magnifying glass enlarging the word 'malware' in computer machine code

Millions of motherboards built by Gigabyte were shipped out with a firmware backdoor that could have been abused to drop malware to the devices, experts have warned.

In a blog post, security firm Eclypsium said that it recently spotted “backdoor-like behavior within Gigabyte systems in the wild.”

Further analysis discovered that Gigabyte motherboards, a total of 271 different models, carried a hidden mechanism that quietly runs an updater program, which connects to a remote server, downloads, and then executes, software. While it might sound suspicious at best, but most likely malicious, Eclypsium says the updater’s goal is a lot more benign: to keep the motherboard’s firmware up to date. 

Missing proper authentication

Be that as it may, the researchers found that the updater is implemented insecurely, allowing threat actors to hijack the updater and use it for their own nefarious purposes. Apparently, the updater downloads code without proper authentication, in some cases even over an HTTP connection (as opposed to HTTPS). This would make man-in-the-middle attacks on rogue Wi-Fi networks a possibility, allowing potential threat actors to spoof the installation source and drop malware.

It’s important to note that the updater works from the firmware, and as such is immune to antivirus programs, endpoint security solutions, and similar.

So far, Gigabyte has been relatively quiet on the matter. Eclypsium says it’s now working with the manufacturer on a fix, and other than that, the Taiwanese giant did not want to answer any questions, Wired reports.

The fix would most likely include a firmware update which would need to be pushed to millions of potentially affected devices. Gigabyte will also need to find a better way to deliver firmware updates to its hardware.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.