Friday, August 01, 2014
BadPCI
Security researcher Arrigo Triulzi. Nothing of Bad Hardware is science fiction taken individually, but we have not seen it in the wild ever. Well, what about Natanz nuclear facility ?
Triulzi said he's seen plenty of firmware-targeting malware in the laboratory. A client of his once infected the UEFI-based BIOS of his Mac laptop as part of an experiment. Five years ago, Triulzi himself developed proof-of-concept malware that stealthily infected the network interface controllers that sit on a computer motherboard and provide the Ethernet jack that connects the machine to a network. His research built off of work by John Heasman that demonstrated how to plant hard-to-detect malware known as a rootkit in a computer's peripheral component interconnect, the Intel-developed connection that attaches hardware devices to a CPU.
Vendors of newer P C I c a r ds often provide tools that c a n be use to f l a s h the c a r d f rom within W i ndows ( provided t h e user has administrative privilege )
___________________________
99% BAD HARDWARE WEEK: