A cybersecurity company called Eclypsium has made a startling discovery. They found a hidden backdoor in the firmware of motherboards (the main circuit board in a computer) made by a Taiwanese company called Gigabyte, and this backdoor makes the motherboards easily accessible for hackers to break into.
Gigabyte apparently integrated a Windows executable file into the firmware of its motherboards. This file is executed when the computer starts up, meaning that each time you restart your computer, the firmware’s code activates Gigabyte’s app center. This app center then proceeds to download and run a file from the internet.
How was the firmware found to be insecure?
The Eclypsium team found the firmware to be insecure only after scouring customers’ computers for firmware-based malicious code.
It all sounds reasonable, as the code is only there to keep the firmware up-to-date at all times. The issue is that the code was installed insecurely by Gigabyte, so hackers can easily hijack these devices and install their own malware rather than the intended Gigabyte programs that would continuously update the firmware. And what’s worse is that all this can be done without the owner of the device ever being aware of what’s happening.
What models are affected by this insecure firmware?
In their research, the team at Eclypsium found that 271 models of Gigabyte motherboards are affected by this insecure firmware. You can click here if you’re a PC owner and want to see if your device is on the list of models they compiled.
MORE: WHY WINDOWS IS THE #1 TARGET FOR MALWARE: 2 EASY WAYS TO STAY SAFE
How do I check which motherboard my PC uses?
If you’re not sure which motherboard your PC uses, you can check by clicking on your Windows Start button and selecting System Information.
MORE: WAS YOUR PRIVATE DATA BEING SOLD ON THIS DARK WEB MARKETPLACE?
MORE: WHAT IS A VPN? CAN IT REALLY PROTECT MY ONLINE PRIVACY AND SECURITY?
What can I do if I have a PC that could be affected?
Although this is an unfortunate mistake made by Gigabyte, you can still do a few things to protect yourself from a hacker breaking into your device. Here are some of my tips.
Update your firmware
Check for firmware updates provided by Gigabyte for your specific motherboard model. Visit Gigabyte’s official website and look for the latest firmware updates available. Download and install the updates following the provided instructions. These updates may include security patches and fixes that address the vulnerability.
Enable automatic firmware updates
If your motherboard supports it, enable the option for automatic firmware updates. This will ensure that you receive future updates promptly and minimize the risk of potential vulnerabilities being exploited.
Have good antivirus software
Keeping hackers out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, allowing hackers to gain access to your personal information.
Find my review of Best Antivirus Protection here
Keep your software up to date
Regularly update your operating system, web browsers, and other software on your device. These updates often include security patches that address vulnerabilities and protect against known threats.
Kurt’s key takeaways
Good work on the part of the cybersecurity company Eclypsium. Without their diligent research, we would never have learned about this hidden feature in Gigabyte motherboards that poses a serious security risk. Hackers can exploit this hidden feature and potentially install their own malware without you even knowing it. Gigabyte has identified 271 affected motherboard models, and if you have one of these computers, I advise you to update your firmware, use antivirus software, consider a VPN, enable two-factor authentication, and keep all software up to date to mitigate the risk of being hacked.
Why does it seem like we’re less and less protected by companies like this? What do you think? Let us know by commenting below.
FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Related:
- Why Windows is the #1 target for malware: 2 easy ways to stay safe
- Was your private data being sold on this dark web marketplace?
- What is a VPN? Can it really protect my online privacy and security?