Discussion:
Malware burrows deep into computer BIOS to escape AV
Irkin Invader Zim
2011-10-25 00:36:57 UTC
Researchers have discovered one of the first pieces of malware ever used in
the wild that modifies the software on the motherboard of infected computers
to ensure the infection can't be easily eradicated.
Known as Trojan.Mebromi, the rootkit reflashes the BIOS of computers it
attacks to add malicious instructions that are executed early in a computer's
boot-up sequence. The instructions, in turn, alter a computer's MBR, or master
boot record, another system component that gets executed prior to the loading
of the operating system of an infected machine. By corrupting the processes
that run immediately after a PC starts, the malware stands a better chance of
surviving attempts by antivirus programs to remove it.
http://www.theregister.co.uk/2011/09/14/bios_rootkit_discovered/
--
Dave - exactly what *I've* suspected for years! ;-)
For years, you've been wrong. :oD
Now that it is ITW so they say, the naysayers will be silenced. But
you might want to consider that BIOS thing to be more like a
payload that *might* sink the roots deeper than was otherwise
possible. It is likely to owe more of its wilding ability to its being
a user-mode, kernel mode, *and* an MBR mode rootkit - plus a
virus - than to its being a BIOS modder. Just wait until some
wormable exploit is written to spread it or it gets adopted by evil
botnets.
TPM anyone?
ROTFLMFAO!!!! This is just another version of the famous CMOS virus
but only affects bios.
eMutt you don't even know what STFU means let alone CMOS or bios.

Please stop trying to be a computer expert you Keiser drop-out. Oh
wait you have to GO THERE FIRST to become a drop-out.
Wow. That is some failure you have. A drop-out drop-out. Holy shit,
can you get any stupider?
Irkin Invader Zim
2011-10-25 02:31:42 UTC
Ya'll don't pay any attention to this dork. He's been banned by just
about every NG on usenet.
"Ya'll?"

If your intention was to sound like the toothless redneck walking
Halloween mask you appear in your photos, nice job.

Second, you can't get "banned" from a "NG," you dumbshit.

Emmett, you have barely made six posts in alt.privacy.spyware and they
have already recognized you and called you out as being a dumbshit.