Intel AMT Stealth Breakthrough

Every modern computer system based on Intel architecture has Intel Management Engine (ME) - a built-in subsystem with a wide array of powerful capabilities (such as full access to operating memory, out-of-band access to a network interface, running independently of CPU even when it is in a shutdown state, etc.). During this talk we will discuss methods of remote pwning of almost every Intel based system, manufactured since 2010 or later.

By Dmitriy Evdokimov & Alexander Ermolov & Maksim Malyutin

Full Abstract & Presentation Materials: https://www.blackhat.com/us-17/briefings.html#intel-amt-stealth-breakthrough

from Black Hat https://www.youtube.com/watch?v=ubmKdOMRhLk @BlackHatOfficialYT https://www.youtube.com/@BlackHatOfficialYT

INTEL AMT STEALTH BREAKTHROUGH

Every modern computer system based on Intel architecture has Intel Management Engine (ME) - a built-in subsystem with a wide array of powerful capabilities (such as full access to operating memory, out-of-band access to a network interface, running independently of CPU even when it is in a shutdown state, etc.). On the one hand, these capabilities allow Intel to implement many features and technologies based on Intel ME. On the other hand, it makes Intel ME a tempting target for an attacker. Especially, if an attack can be conducted remotely.

Here, Intel Active Management Technology (AMT) fits perfectly – it is based on Intel ME and means for a remote administration of computer system. So… during this talk we will discuss methods of remote pwning of almost every Intel based system, manufactured since 2010 or later.