Firmware based Malware Analysis

Abstract

In electronics and computing, firmware is often used to denote the fixed, usually rather small programs that internally control various embedded devices. Upgrading firmware means upgrading the coordination among the various hardware components.We demonstrate how this feature can be exploited to allow attackers to inject malicious firmware modifications into vulnerable embedded devices. We discuss techniques for exploiting such vulnerable functionality and the implementation of a concept different malware capable of network reconnaissance, data exfiltration and propagation to general purpose computers and other embedded device types. We present a case study of different firmware modification vulnerability, which allows arbitrary injection of malware into the different firmware via various malware activity. Our work proves that the risk of this type of attacks on embedded systems is considerable, and it will further increase in the future.