BadBIOS: Difference between revisions

From Wikipedia, the free encyclopedia
I don't think this belongs here, see talk Talk:BadBIOS#Bios_exploit_info
No edit summary
Line 5: Line 5:


In December 2013 computer scientists Michael Hanspach and Michael Goetz released a paper to the [[Journal of Communication]] demonstrating the possibility of an acoustic mesh networking at a slow 20 [[Bit rate|bits per second]] using a set of speakers and microphones for ultrasonic communication in a fashion similar to BadBIOS's described abilities.<ref>{{cite news|last1=Leyden|first1=John|title=Hear that? It's the sound of BadBIOS wannabe chatting over air gaps|url=http://www.theregister.co.uk/2013/12/05/airgap_chatting_malware/|accessdate=30 December 2014|date=5 Dec 2013}}</ref>
In December 2013 computer scientists Michael Hanspach and Michael Goetz released a paper to the [[Journal of Communication]] demonstrating the possibility of an acoustic mesh networking at a slow 20 [[Bit rate|bits per second]] using a set of speakers and microphones for ultrasonic communication in a fashion similar to BadBIOS's described abilities.<ref>{{cite news|last1=Leyden|first1=John|title=Hear that? It's the sound of BadBIOS wannabe chatting over air gaps|url=http://www.theregister.co.uk/2013/12/05/airgap_chatting_malware/|accessdate=30 December 2014|date=5 Dec 2013}}</ref>

The [[NSA ANT catalog]] contains exploits against BIOS and [[System Management Mode|SMM]].<ref>{{cite web|author1=[[Bruce Schneier|Schneier, Bruce]]|author2=National Security Agency|title=SOUFFLETROUGH: NSA Exploit of the Day|url=https://www.schneier.com/blog/archives/2014/01/souffletrough_n.html|website=Schneier on Security|accessdate=8 September 2015|location=schneier.com|date=13 January 2014}}</ref> Security researchers and former employees of [[Mitre Corporation]], Xeno Kovah and Corey Kallenberg, presented a proof-of-concept attack against BIOS at the 2015 [[CanSecWest]] [[computer security conference|security conference]]. The attack allows for [[remote code execution]] and persistence, leveraging [[System Management Mode]] (SMM) found on many platforms.<ref>{{cite web|author1=Zetter, Kim|title=Hacking BIOS Chips Isn’t Just the NSA’s Domain Anymore|url=http://www.wired.com/2015/03/researchers-uncover-way-hack-bios-undermine-secure-operating-systems/|website=wired.com|publisher=Wired|accessdate=8 September 2015|date=20 March 2015}}</ref>

== References ==
== References ==
{{Reflist}}
{{Reflist}}
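
Review bot: the paragraph added after the Hanspach and Goetz text (NSA ANT catalog, Kovah and Kallenberg) never states how these BIOS and SMM attacks relate to BadBIOS, and neither cited title mentions BadBIOS, which is the relevance objection the edit summary above points to at Talk:BadBIOS#Bios_exploit_info. Either add a source that draws the connection and say so in the text, or settle it on the talk page before adding it; the change also carries no edit summary. Minor: System Management Mode is wikilinked twice in the paragraph ([[System Management Mode|SMM]] and [[System Management Mode]] (SMM)); define and link it once.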

Revision as of 22:12, 8 September 2015

BadBIOS is an alleged advanced persistent threat reported by network security researcher Dragos Ruiu in October 2013[1] with the ability to communicate between instances of itself across air gaps using ultrasonic communication between a computer's speakers and microphone.[2][3] To date, there have been no proven occurrences of this malware.

Ruiu claims the virus is able to infect the BIOS of Windows, Mac OS X, BSD and Linux as well as spread infection over USB flash drives.[3] Rob Graham of Errata Security produced a detailed analysis[4] of each element of the claims about BadBIOS's capabilities, describing the software as "plausible", whereas Paul Ducklin on the Sophos Naked Security blog[5] suggested "It's possible, of course, that this is an elaborate hoax".[1] After Ruiu posted data dumps which supposedly demonstrated the existence of the virus, "all signs of maliciousness were found to be normal and expected data".[6]

In December 2013, computer scientists Michael Hanspach and Michael Goetz released a paper to the Journal of Communication demonstrating the possibility of acoustic mesh networking at a slow 20 bits per second using a set of speakers and microphones for ultrasonic communication, in a fashion similar to BadBIOS's described abilities.[7]

The NSA ANT catalog contains exploits against BIOS and SMM.[8] Security researchers and former employees of Mitre Corporation, Xeno Kovah and Corey Kallenberg, presented a proof-of-concept attack against BIOS at the 2015 CanSecWest security conference. The attack allows for remote code execution and persistence, leveraging System Management Mode (SMM) found on many platforms.[9]

References

  1. Leyden, John (1 Nov 2013). "Indestructible, badass rootkit BadBIOS: Is this tech world's Loch Ness Monster? VOTE NOW". Retrieved 30 December 2014.
  2. A. Grimes, Roger (Nov 12, 2013). "4 reasons BadBIOS isn't real". Retrieved 30 December 2014.
  3. Goodin, Dan (31 Oct 2013). "Meet "badBIOS," the mysterious Mac and PC malware that jumps airgaps". Retrieved 31 December 2014.
  4. Graham, Robert. "#badBIOS features explained". Retrieved 30 December 2014.
  5. Ducklin, Paul. "The "BadBIOS" virus that jumps airgaps and takes over your firmware - what's the story?". Retrieved 30 December 2014.
  6. Grimes, Roger. "New NSA hack raises the specter of BadBIOS". Retrieved 7 September 2015.
  7. Leyden, John (5 Dec 2013). "Hear that? It's the sound of BadBIOS wannabe chatting over air gaps". Retrieved 30 December 2014.
  8. Schneier, Bruce; National Security Agency (13 January 2014). "SOUFFLETROUGH: NSA Exploit of the Day". Schneier on Security. schneier.com. Retrieved 8 September 2015.
  9. Zetter, Kim (20 March 2015). "Hacking BIOS Chips Isn't Just the NSA's Domain Anymore". wired.com. Wired. Retrieved 8 September 2015.