Rootkits Operating From BIOS
Friday, 27 January 2006 by Michel Roth
This article is about predictions made at the Black Hat Federal conference that rootkits are heading for the BIOS. Doesn't sound good at all. Here are some snippets from the article.

Insider attacks and industrial espionage could become more stealthy by hiding malicious code in the core system functions available in a motherboard's flash memory, researchers said on Wednesday at the Black Hat Federal conference.

It is going to be about one month before malware comes out to take advantage of this. This is so easy to do. You have widely available tools, free compilers for the ACPI language, and high-level languages to write the code in.

A collection of functions for power management, known as the Advanced Configuration and Power Interface (ACPI), has its own high-level interpreted language that could be used to code a rootkit and store key attack functions in the Basic Input/Output System (BIOS) in flash memory, according to John Heasman, principal security consultant for U.K.-based Next-Generation Security Software.

Rootkits are becoming more of a threat in general--BIOS is just the next step.

Read the full article here.
