Heads up! - A virus that attacks computer at BIOS level.

posted on Mar, 25 2009 @ 02:38 PM
Oh great
Researchers have demonstrated attacks at the very lowest level of a computer system, a natural development I suppose. I've never thought about it before, but now that I am, I'm wondering why it took this long. Actually, reading further, this was demonstrated in 2007, but still.


Apply all of the browser, application and OS patches you want, your machine still can be completely and silently compromised at the lowest level--without the use of any vulnerability.


This thing is a biiatch, it will survive any reinstallation of the operating system, infect ANY computer regardless of it running Windows or Linux or any other OS.


"It was very easy. We can put the code wherever we want," said Ortega. "We're not using a vulnerability in any way. I'm not sure if you understand the impact of this. We can reinfect the BIOS every time it reboots."


So I just thought I'd bring that little tidbit up to brighten everyone's day


linkey-poos




posted on Mar, 25 2009 @ 02:50 PM
Can't you just clear your CMOS?

[edit on 25-3-2009 by Solomons]



posted on Mar, 25 2009 @ 02:55 PM
reply to post by Solomons
 


Wouldn't do anything.


...Heasman showed a completely working method for loading the malware on to a PCI card by using the flashable ROM on the device. He also had a way to bypass the Windows NT kernel and create fake stack pointers.


Looks like the code will be hidden in the onboard memory of things like graphics cards, sound cards etc... That is, if I am reading that correctly.



posted on Mar, 25 2009 @ 02:57 PM
reply to post by Now_Then
 


Well that's no fun...


two lines to appease the mods.



posted on Mar, 25 2009 @ 03:04 PM
So basically the only way to get rid of this thing is to take a powerful magnet to your components and then throw it in the garbage eh?



posted on Mar, 25 2009 @ 03:08 PM
Hi, protected? PC users ! B-)

Hey ! ! If things go THAT bad in PCs, one day,
I will take my Commodore C= out of the wardrobe !! B-]

Not long ago I was using the browser named "Net Tamer",
in DOS mode, and it was not that bad.
I have visited the net in TEXT mode with it, and it works.

There is A LOT of useless garbage I switch OFF with Mozilla,
and the TEXT mode does almost the same thing. . . B-)

VIVA Commodore C= ? One day ?

Blue skies.



posted on Mar, 25 2009 @ 03:12 PM

Originally posted by Solomons
Can't you just clear your CMOS?

[edit on 25-3-2009 by Solomons]


I'm not sure but I don't think so. If they can put the code into the flash memory of a PCI card, it would be loaded on every reboot. I always thought my CMOS was safe 'cause it's password protected. It doesn't look that way anymore.

The good news is that it's not easy to install.



posted on Mar, 25 2009 @ 03:13 PM
reply to post by DaMod
 


Not sure about the magnets, it's flash memory, magnets don't normally affect flash memory do they?

But yeah, chucking your kit in the trash would be an option!

But that is if you even detect the infection in the first place - this is in about as deep as it gets - way below standard virus scans!

I suppose you could reflash the firmware on your PCI cards. Or the hardware manufacturers could start making them with a non-flashable ROM - but then you would never be able to update your firmware.
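
An added example, not part of the post above or of the thread: one way to check a PCI option ROM dump for changes that a file-level virus scan would never see, by validating the expansion ROM header and comparing a hash of the dump with a baseline recorded while the card was known to be good. The function names, the sample ROM bytes and the vendor/device IDs are constructed for illustration, and the dump is assumed to have been read from the card already.

```python
import hashlib
import struct

def build_sample_rom() -> bytes:
    """Constructed 512-byte legacy option ROM image (sample data, not from real hardware)."""
    rom = bytearray(512)
    rom[0:2] = b"\x55\xaa"                   # expansion ROM signature
    rom[2] = 1                               # legacy size byte, in 512-byte blocks
    struct.pack_into("<H", rom, 0x18, 0x1C)  # pointer to the PCI Data Structure
    # PCIR: signature, vendor, device, reserved, length, revision,
    # class code, image length (blocks), code revision, code type, indicator
    struct.pack_into("<4sHHHHB3sHHBB", rom, 0x1C, b"PCIR", 0x1234, 0x5678,
                     0, 0x18, 0, b"\x00\x00\x03", 1, 0, 0, 0x80)
    rom[0x40:0x80] = b"\x90" * 64            # stand-in for the ROM's code
    rom[-1] = -sum(rom[:-1]) & 0xFF          # legacy rule: bytes sum to 0 mod 256
    return bytes(rom)

def inspect_rom(rom: bytes) -> dict:
    """Parse the first image header of a ROM dump and fingerprint the whole dump."""
    if len(rom) < 0x1A or rom[0:2] != b"\x55\xaa":
        raise ValueError("missing 0x55AA expansion ROM signature")
    (pcir,) = struct.unpack_from("<H", rom, 0x18)
    if pcir + 0x18 > len(rom) or rom[pcir:pcir + 4] != b"PCIR":
        raise ValueError("PCI Data Structure not found")
    vendor, device = struct.unpack_from("<HH", rom, pcir + 4)
    (blocks,) = struct.unpack_from("<H", rom, pcir + 0x10)
    image = rom[:blocks * 512]
    return {
        "vendor": vendor,
        "device": device,
        "code_type": rom[pcir + 0x14],               # 0 = legacy x86 image
        "checksum_ok": (sum(image) & 0xFF) == 0,
        "sha256": hashlib.sha256(rom).hexdigest(),   # covers every image in the dump
    }

def verify_rom(rom: bytes, baseline_sha256: str) -> list:
    """Return findings for a dump compared with a known-good baseline hash."""
    info = inspect_rom(rom)
    findings = []
    if info["code_type"] == 0 and not info["checksum_ok"]:
        findings.append("checksum mismatch")
    if info["sha256"] != baseline_sha256:
        findings.append("hash differs from baseline")
    return findings
```

The header checksum only catches accidental corruption, since anyone who rewrites the ROM can recompute it; the comparison against a baseline hash stored off the machine is what detects a modified image.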



posted on Mar, 25 2009 @ 03:14 PM
This is actually nothing new. BIOS/chip specific malware has been around since the days of "Core wars" back on the old mainframes (30 years ago).

BIOS/chip malware is usually very chip specific. I believe the newer Macs are running the same Intel processors/BIOS that my PC does... and therefore they're at risk also.

Keep your security updated, and don't go downloading anything unusual.



posted on Mar, 25 2009 @ 03:16 PM
It's supposed to be released April 1st right?

Well, on that day, unplug your computer for a few days.

I can't see how you can be infected then.



posted on Mar, 25 2009 @ 03:17 PM

Originally posted by JohnHolmes
I always thought my CMOS was safe 'cause it's password protected. It doesn't look that way anymore.


Hate to tell you buddy - but it's never been safe, have you ever seen the battery on the motherboard? Looks like a large watch battery usually - whip that baby out and leave it a couple of mins.... Et voilà! No more CMOS password, no more BIOS password either and all BIOS settings go back to default.



posted on Mar, 25 2009 @ 03:25 PM
meh?

As long as you have a fairly robust admin account (root) password in place this approach is somewhat stifled... and the "threat" seemingly negligible.


...you need either root privileges or physical access to the machine in question, which limits the scope


The "rootkit" they're working on, on the other hand, might prove a different story altogether, though.


...Heasman showed a completely working method for loading the malware on to a PCI card by using the flashable ROM on the device.


Again, they'd have to craft a means by which to "prompt" a firmware update...

(?)


Scary, still.



posted on Mar, 25 2009 @ 03:26 PM
Well - make a bootable flashdrive - copy Mainboard BIOS + Flash program to flashdrive. If you get infected then

Flash BIOS - update BOOTBLOCK + Clear DMI data... power off - clear CMOS - Remove power from PSU - wait 20 mins... and restart.

It's also possible to "jumper" the BIOS chip so it's write-protected.

Otherwise - if you're afraid - run the program called Sandboxie, freeware and very efficient against ANY malware.



posted on Mar, 25 2009 @ 03:28 PM
Other than the severity of the problems once infected, is this really any different than any other virus? I mean, it still has to get in your computer somehow, right?

"Sacco and Ortega stressed that in order to execute the attacks, you need either root privileges or physical access to the machine"

Since infection by physical access is not going to be a problem for 99.999% of computer users, that leaves root privilege infections. I don't know much about root privileges, but it sounds like the amount of effort required to gain access to a single machine's root privileges would hardly be worth wrecking some random dude's computer.

It would be like breaking into someone's safe with only $1 inside, and then destroying the safe when you're done just so the person can't use it anymore. Doesn't really make much sense to me... but then again computer viruses in general don't make much sense to me.

If this was to be used on more important computers than some random dude's, it seems like gaining access to valuable data would take precedence over disabling the machine itself, except in a few rare cases...



posted on Mar, 25 2009 @ 03:37 PM
As a Mac user I fail to see why so many people still use windowz.......the article doesn't say anything about Macintosh/Apple unless someone is using VMWare....I think??

The sure solution to this, as well as any other pc/windowz related viruses, bugs, spyware, etc., etc....is...

say it with me...

Buy and use a Mac!



posted on Mar, 25 2009 @ 03:44 PM

Originally posted by prjct

As a Mac user I fail to see why so many people still use windowz.......the article doesn't say anything about Macintosh/Apple unless someone is using VMWare....I think??

The sure solution to this, as well as any other pc/windowz related viruses, bugs, spyware, etc., etc....is...

say it with me...

Buy and use a Mac!



If I'm not mistaken, then "OpenBSD" is UNIX, and as OS-X is based on unix, I wouldn't feel safe with a MAC either - and *if* SHTF, then at least there are multiple malware, virus, rootkit removers on the PC, whereas I would say the MAC is less fortunate in that case. Also I think it might be a bit harder to obtain a BIOS for your MAC if you get infected - again - with PC's they are widely available.

I have both a MAC and PC and enjoy both of them - each have their advantages.



posted on Mar, 26 2009 @ 04:03 AM
I can tell you with absolute certainty that this is bunk. Having built my own 4 bit processor, thus having an intimate understanding of the workings of processors and memory, I can tell you that such a virus is impossible UNLESS it somehow destroys the chip at the hardware level (too much voltage to the chip for example.)



posted on Mar, 26 2009 @ 08:14 AM
reply to post by goldbomb444
 


Your knowledge is out of date. This is not like the old 8 bit days where you couldn't modify the ROM page. Much modern hardware has a way for its firmware to be updated. This means that the software can be modified, and this can include malware.

This is not an especially new threat, I remember a proof of concept a few years ago with some network cards. Something people may find interesting and related, are the allegations that the Chinese government have been doing this to hardware that they sell to enemies, here is a great thread about that.

www.abovetopsecret.com...

As mentioned, this requires physical or root access. You should always make sure your system has a strong root/admin password, and stay up to date on security updates. Even so, there will likely be undiscovered as yet ways to gain root if someone can get in at user/service level. This means you should make sure your router and firewall are set up correctly, and disable all services that you don't require. Even on many Linux systems the default install leaves some ports open that most people will never need. BSD I hear is better for this, and Windows seems much worse, I was unable to even close certain ports on Windows without using trickery.



posted on Mar, 26 2009 @ 09:05 AM
sorry, but being from the "old school" of computers, BIOS attacks are not new. it even got to a point in early development, where you could simply re-programme BIOS chips quite efficiently, mainly because of the many glitches in software integration, but also from nefarious attacks from the outside, on the early systems.
another attack is on the MBR (master boot record) of all hard drives. this is also basic software commands that are put on by the manufacturer (seagate, quantum, ibm, mitsubishi, western digital, etc.). i have had to rebuild these several times. the problem was that you had to have a certain amount of security clearance, and the "build" could only be given to you by a certified company tech, because each company had their own proprietary build codes.



posted on Mar, 26 2009 @ 10:45 AM
This sounds like the kind of virus, that everyone has been terrified would appear for years, this is the kind of virus IMO, that would kill people in Hospitals.

I have never ever had a high opinion of those who produce this kind of thing, I have always believed these kinds of people need to be thrown in prison for a long time, not people who try and find evidence of UFO's in computers.

People who create malicious viruses, with the intent on destroying software, saved work, or any kind of personal information, seriously need to be stopped, it isn't a laugh, it isn't funny, it's just mean and vindictive, this kind of virus will not discriminate between hospitals and the home, it can kill.

Didn't Microsoft offer a $250,000 to catch those who made this? I'm sure I read a thread that linked a story, that several companies are wanting the reward, so are throwing a lot at finding those responsible, more than trying to stop it, if I'm right, they need to find the author, to prevent it?

Which means, unless they were super careful in its creation, I expect to see someone arrested for it soon, hopefully before it does infect critical systems and puts people in danger.

No time for scum who do this crap, same level as burglars who enter people's homes IMO, throw the book at them, send a message to anyone wanting or thinking of doing similar, do this and go to jail for several years.



