Nov05

BadBIOS – Beginning of an Area of Ultimate Digital Weapons?

This sounds like science fiction or a scene in Matrix: Recently, Dragos Ruiu published some information about a malware called BadBIOS. Therefore this nasty piece of malicious code is able to hide itself in the BIOS, to bridge the air gap using ultrasonic sound and the PC speaker / microphone and other quite sophisticated stuff.

Of course, this is all possible from a technical point of view. For example, the possibilities to hide malware in the BIOS had been discussed “centuries” ago – there is little space in the BIOS to do this – but it may be possible. E.g., a manipulation of the BIOS can be easily possible, see the CIH-Virus (also known as Chernobyl) back in 1999 that was able to delete the memory of a Flash-BIOS. We know sophisticated triangulation attacks, smart Van Eck phreaking to evaluate monitor signals or identify keystrokes of computer systems over the power grid as well as numerous steganography techniques to exchange or export data.

But is such a sophisticated combination of techniques, even more advanced than Stuxnet, already possible and even more, has it been in the wild for already three years? And don’t forget, it should be able to infect PCs as well as MACs and even operating systems like Open BSD! If this is real, it will have a great impact – on the possibilities of new digital weapons as well as the requirements of our defence. The upcoming weeks will show what is true and what is fake about this story.

2 Comments

  • Johne94 June 19, 2014 at 1:29 am

    Valuable information. Fortunate me I discovered your web site by chance, and I am surprised why this coincidence didn’t happened in advance! I bookmarked it. adfedkkeefga

    Reply
  • Smithk708 June 19, 2014 at 1:30 am

    I have been surfing online more than 3 hours today, yet I never found any interesting article like yours. It is pretty worth enough for me. In my view, if all webmasters and bloggers made good content as you did, the internet will be much more useful than ever before. becdddkdakgegdga

    Reply

Leave a Reply