Researchers Demo BIOS Attack That Survives Disk Wipes

← Back to Stories (view on slashdot.org)

Researchers Demo BIOS Attack That Survives Disk Wipes

Posted by CmdrTaco on Monday March 23, 2009 @01:37AM from the can't-believe-it-took-this-long dept.

suraj.sun writes "A pair of Argentinian researchers have found a way to perform a BIOS level malware attack capable of surviving even a hard-disk wipe. Alfredo Ortega and Anibal Sacco from Core Security Technologies — used the stage at last week's CanSecWest conference to demonstrate methods (PDF) for infecting the BIOS with persistent code that will survive reboots and re-flashing attempts. The technique includes patching the BIOS with a small bit of code that gave them complete control of the machine. The demo ran smoothly on a Windows machine, a PC running OpenBSD and another running VMware Player."

2 of 396 comments (clear)

Min score:

Reason:

Sort:

"Researcher" should at least have a clue ... by Zero__Kelvin · 2009-03-23 05:10 · Score: 1, Redundant

"We can reinfect the BIOS every time it reboots."
No. You can't. The BIOS is the first thing that is run at cold boot time. If it is already infected then you can attempt to ensure that it remains infected. If it is not infected, your code doesn't exist in the BIOS to "reinfect" it. During a warm boot (aka reboot) the code remains resident so, again, it is already infected, making it impossible to "re-infect". Nice hyperbole though.

"Sacco and Ortega stressed that in order to execute the attacks, you need either root privileges or physical access to the machine in question, which limits the scope."
And I have a penis, which makes it rather limiting when I visit the Gynecologist.

News flash: If one has proximity, anything is possible. If I have unfettered access to a machine then I can ensure that I can continue to have that access. No shit. Write up something worth reading when you can obtain the access sans my permission in the first place, or at least don't try to claim that it is a threat to *BSDs, Linux, OS X, and other secure Operating Systems. I know I'm missing one ... Wind^H^H^H^H err... ahhh... no. I listed all the well known ones I guess.

--
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Re:Fatal flaw: No BIOS reset by wastedlife · 2009-03-23 05:49 · Score: 0, Redundant

Good point. The only fix I can see for your problem would be for both BIOS chips to be flashable. After updating and testing the new BIOS revision, then flip a jumper to switch to the backup chip and update that one as well. As long as they are physically separate and only accessable when the jumper is flipped, the backup BIOS should not be affected by this attack.

--
Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"