Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
Researchers at Eclypsium discovered that hundreds of Gigabyte motherboard models include a backdoor functionality that could pose a significant risk to organizations. The backdoor was discovered based on behavior associated with the functionality, which triggered an alert in Eclypsium's platform. The firmware on many Gigabyte systems drops a Windows binary that is executed when the operating system boots up, and the dropped file then downloads and runs another payload fetched from Gigabyte servers. The payload is downloaded over an insecure connection, and the file's legitimacy is not verified. There is no evidence that the backdoor has been leveraged for malicious purposes, but it could be abused by threat actors. Eclypsium has published a list of over 270 affected motherboard models, indicating that millions of devices likely have the backdoor. Malware: Gigabyte [View Article](https://ciso2ciso.com/organizations-warned-of-backdoor-feature-in-hundreds-of-gigabyte-motherboards-source-www-securityweek-com/)