When BIOS updates become malware attacks

You get the call - a computer is acting strange, and malware is the likely suspect. After recording appropriate activity logs and ensuring data is safe, you proceed with the disinfection: wipe the OS and reinstall from a clean image.

If you performed the procedure above, your machine may still be infected. The reason? The malware may have rooted itself deep in the hardware, in the BIOS, rather than simply residing on the drive.

This is a fascinating and developing area of active research (both by hackers and security researchers such as those at Core Security) and a story that all information security professionals should be aware of.

Next time a machine is acting strange, wipe the OS and reinstall, but only after you have also flashed the BIOS.

Src: When BIOS updates become malware attacks | SearchSecurity.com
