BIOS infection found
Once again, the world has proved that nothing is impossible, especially in the field of high technology. Two computer security experts from Argentina, Alfredo Ortega and Anibal Sacco, showed a wide audience at the CanSecWest security conference how to put malicious code into the BIOS!
After infection, the machine is completely controlled by the attacker. The most interesting thing is that no data deletion will help to cure the machine: even after flashing the BIOS (!) it remains infected. What is also interesting: the infection was carried out both from Windows and from OpenBSD, and even on a VMware virtual machine running OpenBSD. True, this requires administrator rights or physical access to the machine. According to their statement, the infection can be carried out through device drivers by adding a small patch to them, and the full rootkit will then settle in your BIOS for a very long time. In this way it is also possible to remove or disable the antivirus.
I hope that a cure for this threat will be found before the inspired brains of wannabe hackers come up with this method.
Upd. For the unbelievers and those screaming that this is yellow journalism, I will point to the conference and its review on the Threatpos.com blog.
Upd2. Moved to Information Security, thanks for the karma.