Rootkits Head for Your BIOS
Artem Tashkinov wrote to mention a SecurityFocus article which discusses a disturbing new threat to computer security: rootkits that target a computer's BIOS. From the article: "One rootkit expert at the conference predicted that the technology will become a fundamental part of rootkits in the near future. 'It is going to be about one month before malware comes out to take advantage of this,' said Greg Hoglund, a rootkit expert and CEO of reverse engineering firm HBGary. 'This is so easy to do. You have widely available tools, free compilers for the ACPI language, and high-level languages to write the code in.'" Update: 01/27 14:28 GMT by Z: John Heasman wrote with a link to the slide presentation on this topic given at the Black Hat Conference (pdf).
Where are such tools? If I knew such things existed, I would have experimented in "bricking" some of my machines YEARS ago.
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
I've just switched to Macs after 17 years of PC ownership* (DOS, then Windows, then Linux). Boy, am I feeling smug right at this moment.
* I first typed 'ownershit' by mistake - Thinking about it, this might actually be a more accurate word to describe the joys of being a PC user.
It is going to be about one month before malware comes out to take advantage of this.
That's an extremely specific prediction. I think we know who they should look at first when these rootkits show up...
Developers: We can use your help.
I still have to explain to my parents that the box beside the monitor is actually the computer. They think it's built into the monitor.
-Eric
SJW: Someone who has run out of real oppression, and has to fake it.
What about EFI?
What about OpenFirmware in my Sun machines with the PROM read-only jumper set ON?
; )
War crimes, torture, lies, illegal spying... Would someone give Bush a blowjob, already, so he can be impeached?
*ducks*
"Never 'clear the air'. Instead, investigate all the subtle nuances of the word 'fester'." - R. Candappa
Seeing as EFI supports drivers and that the OS is to sit on top of EFI, any rootkits there could hide whatever they wanted from your OS...
Unless of course your OS exposes the EFI configuration and drivers too...
[)amien
On the bright side, Sony Vaio owners don't need to worry. Their BIOS comes pre-hacked, so there's no room for more malware!
"Live Free or Die." Don't like it? Then keep out of the USA
Now they are sending rootkits after my Electronic Fuel Injection too?
Joe Fourpack would flash the BIOS. All he would need is an e-mail instructing him that if he updates his computer by flipping this BIOS switch thingy and then clicking OK, he will be able to play the attached new pr0n file.
Note that Joe Fourpack is two short of a sixpack.
The price of freedom is eternal litigation.