klikster Posted November 2, 2013
This thing sounds like a nightmare. "badBIOS"

HeijoshinCool Posted November 2, 2013
And you want me to click on that, Klikster?

klikster Posted November 2, 2013 Author
LOL! Sorry, HeijoshinCool. That link is to the article in Ars Technica ----- maybe.

schondie Posted November 2, 2013
Yep, safe link. I read this earlier and it's pretty scary. Obviously the organisation behind this is state sponsored. This could be a whole lot worse if it was leaked into the black hat scene.

Bender Posted November 2, 2013 (edited)
Nothing truly amazing behind this news. Companies like Intel, AMD, Microsoft, Apple, HP, etc. have already had the technology for at least ten years, or maybe from the beginning. Remember that, in sensitive places, desktop screens used to be lead-strapped to prevent any leak (from a computer not connected to any network). Now if the common hacker finds the way, then it's a different story!
Edited November 2, 2013 by Bender

jbrain Posted November 2, 2013
> Yep, safe link. I read this earlier and it's pretty scary. Obviously the organisation behind this is state sponsored. This could be a whole lot worse if it was leaked into the black hat scene.

You mean the link ends on www....................../nsa/gov.us ?

manarak Posted November 2, 2013 (edited)
If the story is true and the findings real, the Ruiu guy probably got infected when he went out to work for a customer that was infected with that thing.

I do agree that it smells like major espionage league, state-sponsored or at the top corporate/mafia level, and that the rootkit was certainly not meant to spread uncontrolled beyond the infected party.

As many boards nowadays come with 128 MB and more of BIOS EEPROM, there is certainly enough space there to store the necessary drivers and the malware.

But this passage:

"We had an air-gapped computer that just had its [firmware] BIOS reflashed, a fresh disk drive installed, and zero data on it, installed from a Windows system CD," Ruiu said. "At one point, we were editing some of the components and our registry editor got disabled. It was like: wait a minute, how can that happen? How can the machine react and attack the software that we're using to attack it? This is an air-gapped machine and all of a sudden the search function in the registry editor stopped working when we were using it to search for their keys."

is fairly improbable if they didn't have at some point an infected USB drive inside - how would the machine get infected after its BIOS had been flashed?
Edited November 2, 2013 by manarak