badBIOS: Next-gen malware or digital myth?

2 Nov

November 01, 2013

[Ed. note: This story originally stated that it was believed that badBIOS can infect other machines via ultrasonic audio. Rather, as amended below, it is believed that badBIOS can communicate with other machines already infected with badBIOS via ultrasonic audio.]

Security researcher Dragos Ruiu calls it “badBIOS.” According to him, it’s a strain of malware that has persisted amongst the machines in his laboratory for almost three years and that has proven near-impossible to clean out. But some parts of his hypothesis about how it’s spreading are so strange that even other experts are skeptical.

Ars Technical is reporting in detail about Ruiu’s saga, which seems to involve a piece of malware so polymorphic that it seems to be able to spread by infecting everything from a system’s BIOS on up.

What’s strangest about this malware is that it even seems to be able to communicate with other infected computers that are airgapped — that is, machines that aren’t physically connected to a network.

badBIOS appears to be OS-agnostic, as Ruiu has found it in Windows, BSD, and OS X machines. Reflashing the BIOS does not appear to help, either. Infected machines refuse to boot from external devices, and any USB drives plugged into a system are also infected — possibly by way of the USB controller.

BIOS-infecting malware by itself isn’t new; one of the first rootkits that infected system BIOSes, Trojan.Mebromi, was discovered back in 2011. But how is it possible that the BIOSes of machines from completely different manufacturers could all be vulnerable to such an attack?

Source: http://www.infoworld.com/t/malware/badbios-next-gen-malware-or-digital-myth-230047
Tags: Nexus 5   Mary Queen of Scots   channing tatum   revenge   2020 Olympics  

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: