New BIOS attack renders antivirus useless

Only solution may be physically removing BIOS chip

A new form of attack that installs a rootkit directly onto a computer’s BIOS system would render antivirus software useless researchers have warned.
Alfredo Ortego and Anibal Sacco of Core Security Technologies explained to vnunet.com that the attack was possible against almost all types of commonly used BIOS systems in use today.

The two devised a 100 line Python script that could be flashed onto the BIOS to install a rootkit. Because the BIOS software activated before any other program on a computer when it starts up then normal antivirus software would be unable to detect it.  “We tested the system on the most common types of BIOS,” said Ortega.  “There is the possibility that newer types of Extensible Firmware Interface (EFI) BIOS may be resistant to the attack but more testing is needed.”

http://www.vnunet.com/vnunet/news/2239320/bios-attack-renders-antivirus
Also in http://www.h-online.com/security/Rootkits-in-a-PC-s-BIOS–/news/112934 entitled "Rootkits in a PC’s BIOS"

Leave a Reply