
News Researchers create BIOS malware

Discussion in 'Article Discussion' started by CardJoe, 24 Mar 2009.

  1. Captain Haddock

    Captain Haddock Blistering Barnacles

    Joined:
    21 Apr 2008
    Posts:
    133
    Likes Received:
    5
    Master of the Bleedin' Obvious :-
    Whose idea was it to save the odd 2p per motherboard and REMOVE the BIOS write protect jumper?
     
  2. aggies11

    aggies11 What's a Dremel?

    Joined:
    4 Jul 2006
    Posts:
    180
    Likes Received:
    1
    Manufacturers should love this. Now the answer to "I have a virus, should I buy a new computer?" becomes a "Yes". It's already a giant pain to remove many rootkits, will we have to now solder EEPROMs to get around this??
     
  3. Nicb

    Nicb Let's discuss among ourselves

    Joined:
    12 Nov 2008
    Posts:
    211
    Likes Received:
    4
    Not understanding is the basis of fear. A lot of fear on this topic. Watch your back, people, it's coming to get you........
    Re-read this again and again, go to all the links and read them again and again, then look up words and google tech stuff you don't understand and read it again....... and again.
    Maybe if you loan your computer to a hacker convention (with admin rights open) for the weekend it might come back with this malware. But otherwise, if it's sitting safe in your room and you're looking at all the porn, opening all the e-mail coming your way, accepting every script on pages, and visiting shady sites that could infect your computer, you still have nothing to worry about when it comes to this.

    Read, absorb, understand. I call this a "smoke and mirrors malware". I would not even call it malware. It's more like a couple of guys got creative and had their way with their own computer. They could not do the same to yours unless you "physically" let them.

    With today's software and hardware components we use, this simply cannot be done without physically doing it, and I doubt whatever we innovate to in the future with computers the chances are this will not work remotely but only physically. So keep your computers close at hand and don't let untrusting people open up your case or give them admin rights to break down security to get busy "destroying" your property. And even then if that happens, regardless of what anyone says, this could be resolved. It's only permanent to the non-literate computer user.
     
  4. n3mo

    n3mo What's a Dremel?

    Joined:
    15 Oct 2007
    Posts:
    184
    Likes Received:
    1
    Actually, the other way around. EFI is (at least in theory) far more standardized by design than BIOS, thus making it more vulnerable. Only thing that makes developing BIOS-targeted attacks/exploits/etc. not worth the time is the fact that you'd need to write separate code for almost every motherboard available.
     
  5. Otis1337

    Otis1337 aka - Ripp3r

    Joined:
    28 Nov 2007
    Posts:
    4,711
    Likes Received:
    224
    clear CMOS = virus gone
    GG
     
  6. Guest-2867

    Guest-2867 Guest

    CMOS and BIOS are not one and the same.

    As far as I can tell the code re-flashes the bios image with the malware code attached.

    As stated earlier in the thread, a simple BIOS write protect jumper/switch is all that needs to be implemented in future motherboards to stop this in its tracks.
     
  7. thehippoz

    thehippoz What's a Dremel?

    Joined:
    19 Dec 2008
    Posts:
    5,780
    Likes Received:
    174

    I could do it lol you forget all your admin rights are on your os.. what's to stop someone from just booting a linux distro or any tool- even just a dos boot with flash from a dvd.. and before you say password protect the bios.. it's as simple as popping the battery out or using the cmos clear jumper on the mb

    I'll agree with the fear end of it.. I'm sure guys like the geek squad who are nothing more than salesmen- would love something like this to be deved and go wild.. far as it sticking, the cmos clear jumper won't clear everything- popping out the battery for a few does.. a lot of peeps had to do this on the 680i mb's because of the c1 error- it would act like a dead board even with a clear.. pop the battery out, put it back and it magically worked.. nvidia ntune guy to thank for this :D
     
  8. Nicb

    Nicb Let's discuss among ourselves

    Joined:
    12 Nov 2008
    Posts:
    211
    Likes Received:
    4
    thehippoz,
    I was one of them, dealt with it, I have an MSI 680i.

    Personally no one is going to get inside my computer, I have an electric fence around it. :)

    But don't forget it's easy through admin rights to stop any boot disk from working. A few years ago the company I worked for did that on the laptops they gave us employees. For fun I tried cracking it... and I admitted to it, he just snickered and said "Boot disk did not work?". (I wasn't going to physically do anything) I spent some time with the IT guy and learned how it was done and traded a few programs with him to even the scale. But of course that only helps if you do it, then again I would/did not on my desktop but did on my personal laptop since it's placed in vulnerable situations and holds no valuable info. I use the boot disk when necessary or experimentations with the desktop.

    It's like rock paper scissors. But I know you got me. It's just not happening to people like us,... but for the others, it's the price you pay for not knowing about what you have and how to protect it. They just run around with their heads cut off screaming viruses and handing their computers over to Best Buy's Geek Squad and buying expensive virus protection software.

    There is no fear to be had with this so-called "malware". :rolleyes:
     
  9. Project_Nightmare

    Project_Nightmare What's a Dremel?

    Joined:
    14 Oct 2006
    Posts:
    54
    Likes Received:
    0
    dang, these people created chiv in the form of malware. Nice work guys, now I'll have to throw away my bios chip whenever I reinstall my hard drive :wallbash:
     
  10. OverQloker

    OverQloker Haven't Touched No Dremel

    Joined:
    5 Jun 2008
    Posts:
    26
    Likes Received:
    0
    BIOS and OS

    how can a malware in bios be able to disable the av, which runs in the kernel's memory space...
    is it possible to keep track/scan of changing 2^32 memory bits, by just some little assembly level program written in <16KB :confused:
     