Intel Management Engine cracked open via USB

Posted on Thursday, November 09 2017 @ 14:09 CET by Thomas De Maesschalck
Intel logo
Security researchers from Positive Technologies have discovered (PDF) a method to hack Intel's Management Engine via USB. This is an important discovery because this feature has been present in most of Intel's processors since 2008. It's basically a hidden kernel that runs in the background, it has access to the entire PC and this feature is pretty controversial because it's a largely undocumented master controller.

The new technique gives attackers access to the Intel Management Engine from the USB port, by using JTAG debugging via the Intel Direct Connect Interface (DCI). Positive Technologies plans to demonstrate it at the Black Hat conference in December.

At the event, they will show how hackers can run unsigned code on the PCH of motherboards that support Skylake and newer CPUs from the chip giant. What makes this particularly nasty is that this type of malware or spyware would be very hard to detect, a disk format or a BIOS flash is unable to remove it.

Both Positive Technologies and Google are known to be working on methods to disable the Intel Management Engine.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments