When the Spectre and Meltdown vulnerabilities were revealed in millions of processors earlier this year, those deep-seated vulnerabilities rattled practically the entire computer industry. Now a group of Israeli researchers is outlining a new set of chip-focused vulnerabilities that, if confirmed, would represent another collection of flaws at the core of computer hardware, this time in a processor architecture designed by AMD. But the researchers now also face their own questions: about the hype they're piling onto those revelations, the timing of their disclosure to AMD, and even their financial motivations for their work.
On Tuesday morning, hardware security firm CTS Labs published a paper and website pointing to four new classes of attack that the company says are possible against AMD chips in both PCs and servers. Together, they seem to offer an array of new methods for hackers who have already gained significant access to a computer running AMD's "Zen" processor architecture. At their worst, the vulnerabilities as described would allow attackers to bypass security safeguards against tampering with the computer's operating system, and potentially plant malware that evades practically any attempts to detect or delete it on AMD chips.
"We believe that these vulnerabilities put networks that contain AMD computers at a considerable risk," reads a paper published by the CTS researchers. "Several of them open the door to malware that may survive computer reboots and reinstallations of the operating system, while remaining virtually undetectable by most endpoint security solutions. This can allow attackers to bury themselves deep within the computer system and to potentially engage in persistent, virtually undetectable espionage."
But in an unusual move, the CTS researchers shared their full findings with AMD only a day before going public, practically blindsiding the company. The typical disclosure window lasts for months, to give affected manufacturers a chance to address the issues. They also released their paper with almost no technical details that would allow anyone to reproduce the attacks they describe. And CTS includes an unusual disclaimer on its website that it may have "an economic interest in the performance of the securities of the companies" implicated in its reports, raising concerns from security analysts that they could benefit from a drop in AMD's stock price.
"It's kinda hard to parse it all at face value, because I don't think they are acting in good faith, and the lack of details makes it unverifiable," wrote Ben Gras, a hardware security researcher at the Free University of Amsterdam. "It makes me worry that even the impact may be reported in an inflated way."
Security researcher Arrigo Triulzi described the research in simpler terms on Twitter: "over-hyped beyond belief."1
Hyped or not, the CTS researchers appear to have found real vulnerabilities in AMD's Zen architecture chips, which they break down into four classes of attack called Ryzenfall, Masterkey, Fallout and Chimera.
The first three of those techniques, they say, take advantage of security vulnerabilities in AMD's Secure Processor, a separate processor within AMD chips designed to perform independent security checks on its operations. If a hacker has administrative privileges on a target machine, CTS's attacks allow them to run their own code on those secure processors. That would allow attackers to circumvent safeguards like secure boot protections, which protect the integrity of the operating system when it loads, as well as Windows' credential guard, which prevents hackers from stealing passwords out of memory. The attacks might even allow hackers to plant their own malware in those secure processors, spying on other elements of the computer while entirely evading antivirus, and even persisting after reinstallation of the computer's operating system.
In Chimera, the last of the four attacks, the researchers say they exploited not a mere bug, but a backdoor. CTS says it discovered that AMD uses a chipset sold by the Taiwanese firm ASMedia to handle the operation of peripheral devices. The researchers say they had earlier found that ASMedia's chipset had a function that allowed someone with access to a computer to run their own code on that peripheral chipset, seemingly as a debugging mechanism left in by the developers. That debugging backdoor had apparently been left in not only in ASMedia's products, but in AMD's too. As a result, a hacker with administrative privileges on a machine could plant malware in those obscure peripheral chips, potentially using them to read the computer's memory or network data. And since the backdoor is built into the chip's hardware design, it may be impossible to fix with a mere software patch.
"It worked out of the box with no modification," says CTS Labs CEO Ido Li On. "It's been fabricated directly into the chip itself." That may mean, Li On argues, that the only solution to AMD's security issue would be to replace the hardware altogether.
While CTS hasn't publicly released any of the details of how its attacks work, it did share them privately with New York-based security firm Trail of Bits, which essentially confirmed the central findings. "Regardless of hype, they found vulnerabilities that work as described," says Dan Guido, Trail of Bits' founder. "If you’ve already taken over a computer to a certain extent, they'll allow you to expand that access, or to hide in parts of the processors where you didn’t think malware could be."
That all four attacks require administrative privileges means that to execute them, a hacker would already need extraordinary access to a device—and could presumably already create all kind of havoc even without Ryzenfall, Masterkey, Fallout, or Chimera.
Guido notes that the Chimera backdoor may be the most serious and difficult to patch of CTS's attacks, though he also said he couldn't confirm the extent of the backdoor's access based on CTS's findings alone. "It’s going to require more effort to figure out how to leverage for an attack," he says.
That CTS only gave AMD only one day to review its findings before publicly releasing claims about its impact has raised concerns in the security community. "Apparently they also gave only 24 hours notice, so no responsible disclosure," wrote Graz University of Technology hardware security researcher Moritz Lipp, who helped discover the Meltdown and Spectre vulnerabilities last year, in a note to WIRED. "It smells fishy."
"At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise," AMD wrote in its own short statement to WIRED. "We are investigating this report, which we just received, to understand the methodology and merit of the findings."
CTS argues that by leaving out any details that might allow other hackers to exploit the bugs and backdoor it discovered, it hasn't endangered anyone with its narrow disclosure window. "We’re not putting anyone at risk," says CTS co-founder Yaron Luk-Zilberman. "We have no plans to put out the full technical details to the public. We’re only sending to companies who are able to produce mitigations."
But CTS's website touting AMD's flaws also contained a disclaimer that threw some shadows on the company's motives: "Although we have a good faith belief in our analysis and believe it to be objective and unbiased, you are advised that we may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports," reads one line. WIRED asked in a follow-up email to CTS whether the company holds any financial positions designed to profit from the release of its AMD research specifically. CTS didn't respond.
All of which adds up to a confusing package: The company's hyped-up marketing around its findings merit some extra scrutiny. But whatever its motives, the CTS research seems to be largely valid. For anyone whose PC or server contains a potentially backdoored AMD chip, it's worth not letting doubts about the messenger get in the way of the message.
- However bad the AMD discoveries may be, they're nowhere near on the level of the industry-shaking Meltdown and Spectre vulnerabilities
- The most remarkable thing about Meltdown and Spectre? Four groups of researchers found the years-old bugs at around the same time
- That, and fixing them remains a bit of a train wreck
1Correction 3/14/18 10am EST to correctly describe Arrigo Triulzi's affiliation.
