
Thread: badBIOS Malware

  1. Senior Member
    Join Date
    Oct 2012
    Location
    Lexington, KY
    Posts
    534

    Certifications
    CISSP, GMON
    #1

    badBIOS Malware

    Anyone else following this unfolding story?

    Meet

  3. Senior Member --chris--'s Avatar
    Join Date
    Jul 2013
    Location
    Metro Detroit
    Posts
    1,397

    Certifications
    ITIL F, C|EH
    #2
    Like scifi.

    Ultrasonic packet transmission?



  4. Senior Member
    Join Date
    Sep 2013
    Location
    Central CT
    Posts
    649

    Certifications
    A+, Network+, Security+, a few CIW, VCA-DCV/WM/Cloud, OCA Java SE 7, CCNA, CEH, CHFI, BSIT, MSISA
    #3
    He says they reflashed the BIOS of affected machines, but who's to say the infected BIOS doesn't just spoof success to the flash util..

  5. Senior Member --chris--'s Avatar
    Join Date
    Jul 2013
    Location
    Metro Detroit
    Posts
    1,397

    Certifications
    ITIL F, C|EH
    #4
    @ratbuddy
    Possible.

    I'd like to believe in ultrasonic packet transmission though. It just sounds cooler.
    Last edited by Plantwiz; 11-01-2013 at 04:04 AM.



  6. Senior Member
    Join Date
    Sep 2013
    Location
    Central CT
    Posts
    649

    Certifications
    A+, Network+, Security+, a few CIW, VCA-DCV/WM/Cloud, OCA Java SE 7, CCNA, CEH, CHFI, BSIT, MSISA
    #5
    Ever pick up the phone while someone was on the line with a modem? Just raise the frequencies and put it on speakerphone, and there you go. Easy stuff.

  7. Member Balantine's Avatar
    Join Date
    Jan 2011
    Location
    In the loop
    Posts
    76
    #6
    Not so easy if the comm is spread out over long periods of time.

    I have a lot of questions about the details in this story. Nice entertainment...freaky fah sure.
    dulce bellum inexpertis

  8. Senior Member
    Join Date
    Sep 2013
    Location
    Central CT
    Posts
    649

    Certifications
    A+, Network+, Security+, a few CIW, VCA-DCV/WM/Cloud, OCA Java SE 7, CCNA, CEH, CHFI, BSIT, MSISA
    #7
    Pure entertainment. If the machines really are communicating through audio, it stands to reason that any similar computer has a microphone which could monitor such communications. This guy needs to put up or shut up.

  9. Network Security tpatt100's Avatar
    Join Date
    Aug 2009
    Location
    Ypsilanti, MI
    Posts
    2,884

    Certifications
    CISA, CISSP, GIAC G2700, CEH, CHFI, Security+, CCENT, N+, A+
    #8
    The guy is putting the information out there from what I read, it doesn't sound like he is hiding anything.

    The story makes me want to throw my computer in a hole in the ground j/k.
    Last edited by networker050184; 11-01-2013 at 01:52 PM.

  10. Senior Member
    Join Date
    Mar 2008
    Posts
    1,562
    #9
    Curious to see how this pans out. I can see how it would work via speakers/mic but how it's nesting itself in the BIOS - I'm just not sure.

  11. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,837

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #10
    Read a few articles on this just this morning. Personally, I'm a little doubtful on the ultrasonic being used, but it's possible. Interested to see how it all pans out and to see a third party come in to do some testing.
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python

  12. EC Council #1 fan colemic's Avatar
    Join Date
    Apr 2010
    Location
    Tejas, Baby!
    Posts
    1,531

    Certifications
    CISSP, CISA, GIAC 2700, MCSE:Security, CEH, CHFI, CCNA:Security, CCENT, Sec+, Net+, ITIL v3 Foundations
    #11
    I find it interesting as well... will have to follow up in a couple of weeks to see where it stands.

  13. ...loading... gorebrush's Avatar
    Join Date
    Apr 2005
    Location
    UK
    Posts
    2,728

    Certifications
    CCIE:R&S, CCNP:R&S, CCNA:S, MCSE, MCSA:M, MCTSx2
    #12
    Interesting and a lot of it is quite easily feasible but some parts of it just scream BS to me.

    Which makes me rather unsure as to the whole story's authenticity.

  14. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,837

    Certifications
    BS-CST CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #13
    Motivation is the biggest cause for alarm since there is a lack of it in this case. Everything happens for a reason and here you don't see it (at least not clearly). Why use something so advanced on this guy? Should be noted though, usually Americans use the USB infection method.
    WIP:
    MS in Legal Studies - Drexel University
    Mobile Forensics
    Kotlin
    Python

  15. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #14

  16. Senior Member --chris--'s Avatar
    Join Date
    Jul 2013
    Location
    Metro Detroit
    Posts
    1,397

    Certifications
    ITIL F, C|EH
    #15
    Quote Originally Posted by YFZblu View Post
    Just came here to post this. It's pretty damning, except I had never seen nor heard of RootWyrm before this either...so who knows.

    @YFZblu
    Are you on /r/netsec?



  17. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #16
    I browse /r/netsec, but I've never posted
