News Unblockable and Irremovable Computer Infection Method Discovered

Mr.Bhat

EntMnt Contributor


Hackers are amazing if they are the good guys, and outright scary if they go bad, but here is something that can make even the most well-meaning computer genius seem terrifying.

Viruses, malware, spyware, all of them are troublesome, some are very dangerous, but they have something in common: they can be removed by formatting the storage device on a PC.

Even if not all data is removed, safety and functionality can usually be restored by reinstalling the operating system from scratch.

Unfortunately, there are methods of secret surveillance and backdoors advanced enough that not even a full format, or changing the HDD altogether, can remove them.

Well, maybe that's not quite true. We don't know of any that are in use right now. We do know how one may be created though.

At the Black Hat security conference in Las Vegas last week, Jonathan Brossard demonstrated how software could be hidden in the very BIOS of a personal computer. A backdoor can be created there, which allows remote access to the system over the internet.

The tool he used is dubbed Rakshasa and is installed on the BIOS chip of a PC motherboard. That means that the backdoor is integrated straight into the firmware, or first code, which is run immediately upon pressing the power button.

As if that weren’t scary enough on its own, Brossard showed that he could hide the code inside other hardware component chips, like network cards. Once the PC is turned on, the code can jump into the BIOS on its own.

"If someone puts a single rogue firmware on your machine, he basically owns you forever," Brossard told an audience of fellow hackers and computer security professionals at Black Hat. "Even if you change your hard drive or change your OS, you're still very much going to be owned," unless the firmware is overwritten with one known to be safe.

So far, the backdoor has successfully bypassed 43 antivirus programs. None flagged it as perilous. The only thing it needs to compromise the PC is an Internet connection. Once it finds one (it searches for it as soon as the PC is on), Rakshasa retrieves a small slip of code which opens the system to remote manipulation.
Unblockable and Irremovable Computer Infection Method Discovered - Softpedia
 