A cybersecurity company called Eclypsium has made a startling discovery. They found a hidden backdoor in the firmware of motherboards (the main circuit board in a computer) made by a Taiwanese company called Gigabyte, and this backdoor makes the motherboards easily accessible for hackers to break into.
Gigabyte apparently integrated a Windows executable file into the firmware of its motherboards. This file is executed when the computer starts up, meaning that each time you restart your computer, the firmware's code activates Gigabyte's app center. This app center then proceeds to download and run a file from the internet.
The Eclypsium team found the firmware to be insecure only after scouring customers’ computers for firmware-based malicious code.
It all sounds reasonable, as the code is only there to keep the firmware up to date at all times. The issue is that the code was installed insecurely by Gigabyte, so hackers can easily hijack these devices and install their own malware rather than the intended Gigabyte programs that would continuously update the firmware. And what's worse is that all this can be done without the owner of the device ever being aware of what's happening.
GAME-CHANGING ALEXA SKILLS TO SUPERCHARGE YOUR DAILY ROUTINE
In their research, the team at Eclypsium found that 271 models of Gigabyte motherboards are affected by this insecure firmware. You can click here if you're a PC owner and want to see if your device is on the list of models they compiled.
MORE: WHY WINDOWS IS THE #1 TARGET FOR MALWARE: 2 EASY WAYS TO STAY SAFE
If you're not sure which motherboard your PC uses, you can check by clicking on your Windows Start button and selecting System Information.
MORE: WAS YOUR PRIVATE DATA BEING SOLD ON THIS DARK WEB MARKETPLACE?
WHY YOU NEED TO REMOVE THESE MALICIOUS EXTENSIONS NOW
Although this is an unfortunate mistake made by Gigabyte, you can still do a few things to protect yourself from a hacker breaking into your device. Here are some of my tips.
Check for firmware updates provided by Gigabyte for your specific motherboard model. Visit Gigabyte's official website and look for the latest firmware updates available. Download and install the updates following the provided instructions. These updates may include security patches and fixes that address the vulnerability.
HOW TO ADD YOUR FAVORITE WEBSITES TO YOUR DEVICE'S HOME SCREEN
If your motherboard supports it, enable the option for automatic firmware updates. This will ensure that you receive future updates promptly and minimize the risk of potential vulnerabilities being exploited.
Keeping hackers out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links that may install malware on your devices and thus allow hackers to gain access to your personal information.
See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by heading to CyberGuy.com/LockUpYourTech
Regularly update your operating system, web browsers and other software on your device. These updates often include security patches that address vulnerabilities and protect against known threats.
MORE: WHAT IS A VPN? CAN IT REALLY PROTECT MY ONLINE PRIVACY AND SECURITY?
Good work on the part of cybersecurity company Eclypsium. Without their diligent research, we would never have learned about this hidden feature in Gigabyte motherboards that poses a serious security risk. Hackers can exploit this hidden feature and potentially install their own malware without you even knowing it. Gigabyte has identified 271 affected motherboard models, and if you have one of these computers, I advise you to update your firmware, use antivirus software, consider a VPN, enable two-factor authentication, and keep all software up to date to mitigate the risk of being hacked.
