News Researchers create BIOS malware

http://www.bit-tech.net/news/bits/2009/03/24/researchers-create-bios-malware/1

A pair of researchers claim to have developed malware which is resident in a system's BIOS, and which is capable of surviving a complete OS reinstall.

 

At least they've developed something now in a controlled environment, giving software devs time to patch any holes, than something like this appearing in the wild.

 

Man this thought is scary, viruses that don't die from OS reinstall.. i feel like i'm gonna have nightmares tonight.. scary!

 

ow f***!

 

initiate zombie plan......NOW!!!!

 

So we have this to worry about...

http://www.insidetech.com/news_feed...his_no_joke_confickerc_strike_april_fools_day

And now this, great!

 

If the cyber criminals managed to get an inside man/woman, at a motherboard factory, that would be uber scary, given that the article states that the malware can even survive a bios flash. It is not like well-known companies haven't shipped products, with unwanted 'bonus' features before.

 

I see this as a threat to servers where there is little to no interaction from admins, om a fully secured server that is monitored regularly, I doubt this is a threat, now if you are worried about "it" infecting your pc, the only way I can see this happening is if you have a really drunk friend in your room that is really pissed on you and decided to flash the bios on your motherboard. the threat is clear. but the way to execute it?... Is honestly.. rediculously/insanely impossible/though/difficult.

 

I know no one that is capable of doing this too my computer, I'm a lone ranger with non-tech friends. If there was somebody, I have two guest computers in the house they would use, and I'm guessing you have to have admin privileges to do this, they would not. My computer,.... no one gets on, and if so they would have to get past security and decrypts first, what a challenge.

I have a huge library or viruses, Trojans, malware, rootkits, creators, etc. Can't wait to add this to the library one day. I don't use them. I just quarantine them and keep them like preservation of once wild animals now for study.

 

Tho this was done in a controlled area, now cyber criminals know it's possible! Sooner or later someone will find out how, and it'll start off with school or public computers.

 

Well the motherboard manufacturers must now look at a way to combat this as its bound to get out in the wild before too long.

 

How the HELL are we supposed to get an AV scanner in the BIOS ?
Is the BIOS gonna have to get bigger to adapt ? lol.

Get a typewriter...

 

When I update my BIOS, I need admin rights under Vista.
Soooooo.... This should not be any problem, unless I am dumb to allow permission to "picture.exe".
Same applies to Major thread. If I put a USB stick... I would be prompted for Admin... again a failed attempt.

 

Somebody could swap the keys on the typewriter, you've been hackereeeerd

 

Oh lol. I love when the "researchers" claim that they did something new. This technique is known for years, it was a side effect of researching new PDoS methods. Not really popular or widespread in any way, it was used to target specific machines. Also not a threat at all, at least for now, as it requires lots of code (basically due to the wicked ways manufacturers implement the BIOS you need to know the specific adresses to put your data in, if you erase or overwrite too much or anything at all (on some boards) you end up with unusable BIOS).
Only good for attacking specific machines, too many different BIOS implementations to write a code "good for all motherboards".

 

The thought of a reflash not removing the virus from bios is what is truly scary. Who cares about the OS install, that's something I would do in the event of an infection anyway.

 

Push forward the development of EFI and make it secure.

I guess physically replacing the the BIOS with a new one which contains a clean BIOS would get it shifted...

I see soo many infected systems I can see how this will be a problem!!

 

And switching around some of those swingarm letter things around would really annoy someone...

 

Bios Virus : first Time i heard that that Really scary : Either way it say if a such virus where to be lauch
it could spread and being immune to bios flash which mean the manifaturer to replace the bios With a whole new one all clean
At a Step Flash bios can't do or a Big enterprise in security will need to find a Cure

anyway did you hear of the Possible Confiker C : i hope it a joke lol cause by reading spec of it Devastation IS increidbly high
as the Blue Screen of Death Virus which made you unable to even try to Reformat ur hard drive if i remember
so you add to find a way To reformat hard Drive

 

My Desktop computer has BIOS Virus check... it's an Nforce 4... Does that mean anything?