Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
>>>Rakshasa replaces the motherboard BIOS, but can also infect the PCI firmware of other peripheral devices like network cards or CD-ROMs, in order to achieve a high degree of redundancy.
snip
Existent computer architecture gives every peripheral device equal access to RAM (random access memory), Brossard said. "The CD-ROM drive can very well control the network card." This means that even if someone were to restore the original BIOS, rogue firmware located on the network card or the CD-ROM could be used to reflash the rogue one, Brossard said.
The only way to get rid of the malware is to shut down the computer and manually reflash every peripheral, a method that is impractical for most users because it requires specialized equipment and advanced knowledge.
Brossard created Rakshasa to prove that hardware backdooring is practical and can be done somewhere in the supply chain, before a computer is delivered to the end user. He pointed out that most computers, including Macs, come from China.<<<
MODS: Please fix topic title s/b Reasearcher
Edit: TY!
Back to top
