When Hardware Comes With Malware

Building a device from the motherboard up is a rewarding, albeit frustrating, endeavor. At any point, you could invest in a component that doesn’t integrate with your established rig; you could fudge a connection or create a crack — any kind of damage is devastating to such a technical DIY project, so you probably take pains to ensure that your device is clean and cared for from beginning to end.

Hardware malware

However, there is one issue you might not have anticipated: buying hardware with malware already installed. Malware usually isn’t a consideration for hardware geeks, but it does dramatically impact the performance of a finished device. Unfortunately, more and more hardware — even the high-quality, name-brand stuff — is coming with unwanted bugs. Here’s what to know and what to do to avoid getting hit.

Examples of Malware on Hardware

This isn’t a horror story borne of fiction. There are dozens of instances of malware getting onto hardware before it reaches end-users. A simple example of this is compromised floppy disks of the ‘80s and ‘90s or corrupt USB drives even today — loading malware onto an external storage device is an easy and straightforward way to launch an attack. This is why you are severely discouraged from using USB drives given to you by strangers or found on the street; they could contain harmful programs that will wreck your device.

However, that kind of hardware isn’t exactly what most tech heads are concerned about. Instead, it is when the hardware that is legitimately purchased and comes with a top-tier reputation succumbs to a widespread and effective malware attack — and there are examples of this, too.

Take Operation ShadowHammer. Just this year, in March, infosec experts identified a strain of malware that seemed to affect only ASUS devices. After thorough research, it became clear that the malware gained access to ASUS computers through a live software update tool, which meant the corruption was authenticated with legitimate ASUS digital certificates. ASUS is a multi-billion-dollar hardware company, and yet it did not notice immediately that it pushed hardware with a vulnerable backdoor for more than five months.

Another instance of this was in VPNFilter’s heyday. VPNFilter is a Russian malware that infects Wi-Fi routers by systematically trying default usernames and passwords, which are found online. Because most routers straight from the manufacturer use default login credentials, your router could be infected long before you set it up in your home. Unfortunately, when a router is compromised, so is the entire network, often including any unsecured devices that connect to it.

It could be that there are more examples of corrupted hardware sneaking malware to consumers — we just don’t know about them yet. If huge, international hardware manufacturers like ASUS, Linksys and Netgear can fall victim to hacking, it’s entirely possible that your graphics cards, processors, and motherboard are equally at risk. Worse, detecting hardware-based attacks is incredibly tricky. So — what can you do to avoid malware-laden hardware?

New Testing Methods for Hardware

 Fortunately, infosec professionals are already hard at work on this issue. Recently, researchers have created a new testing method to identify hardware that has succumbed to malware infections. The test relies on characterizing the power usage of a system and each component within it. If power fluctuates in certain patterns, the hardware is likely compromised by malware.

New Testing Methods for Hardware

As you might expect, there are already plans to utilize this practical test in cybersecurity efforts. Some hardware manufacturers are making plans to integrate sensors into the battery to track the power fluctuations and report to max security antivirus software or firmware installed on the device. If you are building your computer, you might want to look into adding a similar detection tool to your rig so that you can enjoy similar levels of security.

Malware is evolving rapidly, and you should expect to see similar stories to Operation ShadowHammer and VPNFilter in the coming years. As attacks become more sophisticated, hardware manufacturers will need to modify their operating procedures to enhance security, or else their products will give way to malware. Fortunately, by taking the time now to adopt the tools and tricks to overcome malware in your hardware, you can continue enjoying top-quality hardware free from the risk of cyberattack.

Comments are closed.