Wednesday, September 14, 2011

New BIOS Exploiting Rootkit Discovered

http://it.slashdot.org/story/11/09/14/1621230/New-BIOS-Exploiting-Rootkit-Discovered

First time accepted submitter mtemar writes with a Symantec analysis of an interesting new trojan/virus.

From the article:"There are more and more known viruses that infect the MBR. Symantec Security Response has published a blog to demonstrate this trend last month. However, we seldom confront with one that infects the BIOS. One of them, the notorious CIH, appeared in 1999, which infected the computer BIOS and thus harmed a huge number of computers at that time. Recently, we met a new threat named Trojan.Mebromi that can add malicious components into Award BIOS which allows the threat to take control of the system even before MBR."

No comments: