Overheard – BIOS attack

“Until now, common wisdom has been that the large variety of BIOS implementations means it is unfeasible for attackers to create portable, widespread BIOS malware. Core’s researchers proved this wrong.” Sherri Davidoff, BIOS can become a source of malware

According to Core’s CTO, Ivan Arce, the researchers identified a specific section of BIOS code — a decompression routine — used in the majority of motherboards. BIOS code is stored compressed so that it takes up less space, and code must be decompressed before it runs. The decompression routine is exactly the same in many different motherboards. This gives attackers a single snippet of code that they can target in order to compromise many different BIOSes. The result? For the first time, researchers showed that BIOS-level malware can practically infect a wide variety of hardware.