Intel Chipset Firmware Actively Targeted by Conti Group
Conti threat actors are betting chipset firmware is updated less frequently than other software — and winning big, analysts say.
![hands hovering over a laptop to depict a cyberattack hands hovering over a laptop to depict a cyberattack](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt65dd4a0865676d90/64f16c748e08df5ff79428b4/Hacker_Artur_Marciniec_Alamy.jpg?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
Leaked communications from within the Conti threat group reveal the Moscow-backed cybercrime group has honed its firmware attack skills and is actively targeting Intel Management Engine (ME), a microcontroller inside many iterations of the modern Intel chipset, according to a new report.
The analysis, from Eclypsium, notes that Intel chipsets aren't being targeted by Conti because they have vulnerable code, but rather the group assumes firmware patching is spotty at best. In addition, firmware attacks can evade most security tools, the analysts added.
"This can leave some of the most powerful and privileged code on a device susceptible to attack," the report detailing the Conti firmware attacks said. "The recent Conti leaks mark a critical phase in the rapidly evolving role of firmware in modern attacks."
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024