Researchers at Eclypsium have discovered that numerous motherboard models produced by Gigabyte, a major Taiwanese computer components manufacturer, contain a backdoor functionality that poses a significant risk to organizations. The backdoor, found in the firmware of many Gigabyte systems, drops a Windows binary during boot-up, which downloads and executes another payload from Gigabyte servers over an insecure connection. While the backdoor’s purpose is related to the Gigabyte App Center, its potential for abuse by threat actors remains a concern. Eclypsium has published a list of affected motherboard models and is working with Gigabyte to address the issue, likely through a firmware update.