kano 125 Posted February 14 Report Share Posted February 14 https://www.webroot.com/blog/2011/09/13/mebromi-the-first-bios-rootkit-in-the-wild/ As someone whose scared of these, this is a fairly impressive bit of engineering. But the restrictive space that a BIOS image provides fortunately limits what an attacker can do, especially if the machine still has to appear to work and be fine in order to avoid raising suspicion of the end user, e.g. it would be hard to fit code in the BIOS to attack Windows and Linux, plus whatever file system you happen to be using. Of course they are going to go for the low-hanging fruit that is Ntfs and Windows with an attack like this! That being said, I miss the days where there was an option in the BIOS to write-protect the flash chips. If the industry cared about security at all, then you wouldn't be able to flash any permanent firmware changes after the operating system is loaded. Ideally all BIOS flashing must be done within the pre-boot firmware environment presented by the motherboard. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.