Researchers Demo BIOS Attack That Survives Disk Wipes

Posted by CmdrTaco on Monday March 23, 2009 @01:37AM from the can't-believe-it-took-this-long dept.

suraj.sun writes "A pair of Argentinian researchers have found a way to perform a BIOS level malware attack capable of surviving even a hard-disk wipe. Alfredo Ortega and Anibal Sacco from Core Security Technologies — used the stage at last week's CanSecWest conference to demonstrate methods (PDF) for infecting the BIOS with persistent code that will survive reboots and re-flashing attempts. The technique includes patching the BIOS with a small bit of code that gave them complete control of the machine. The demo ran smoothly on a Windows machine, a PC running OpenBSD and another running VMware Player."

3 of 396 comments (clear)

Min score:

Reason:

Sort:

Of course. by ers81239 · 2009-03-23 01:40 · Score: 0, Offtopic

Last I checked, the BIOS lives in a chip, not the HDD. Thus the magic diskless booting. How is this news?

--
there are 2 kinds of people. those who divide people into 2 kinds, and those who don't.
Re:Tsarkon Reports Obama bent on bankrupting USA by Jurily · 2009-03-23 02:01 · Score: 0, Offtopic

Well, I don't give a shit about either. What's your take on OpenBIOS?
Re:Requires root privileges or physical access by tickleboy2 · 2009-03-23 04:16 · Score: 0, Offtopic

Mom? Is that you???

--
The only thing that will stop you from fulfilling your dreams is you. - Tom Bradley