Hacking Team: BIOS rootkit

Kaido

http://www.zdnet.com/article/hackin...t-stays-entrenched-through-hard-disk-removal/

The use of this type of rootkit means that even if a victim's infected machine undergoes a hard drive format, gets a new HD or has the Windows operating system reinstalled, the tools are once again implanted to resume their tasks.

The rootkit has primarily been designed for Insyde BIOS, a popular BIOS vendor for laptops; however, Trend Micro speculates the code is likely to work on AMI BIOS as well.

A slideshow produced by Hacking Team and available to view through leaked emails claims that infection requires physical access to the target machine.

TL;DR:

1. Affects Insyde BIOS (popular with laptop vendors)
2. May affect AMI BIOS as well
3. Requires physical access
4. Stays entrenched even if you reinstall the OS or change the HDD

Turn on your BIOS password & update your BIOS version! :biggrin:
 

hasu

I read about BIOS viruses almost 8 years ago. UEFI and the modern feature-rich BIOSes will make things worse.