
BadVIRUS - From Naked Security Article.


5 replies to this topic

#1 cryptodan


Posted 01 November 2013 - 08:41 AM

http://nakedsecurity.sophos.com/2013/11/01/the-badbios-virus-that-jumps-airgaps-and-takes-over-your-firmware-whats-the-story/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=1e1d365d83-naked%252Bsecurity&utm_term=0_31623bb782-1e1d365d83-454842909

A number of readers have asked us, "What do you guys have to say about the BadBIOS story that's unfolding at the moment?"

In a nutshell, it's a story about a virus that is claimed to have some remarkable characteristics.

Sufficiently remarkable, in fact, to inspire Ars Technica's Dan Goodin to describe it as not just "mysterious" but "omnipotent."


What are your thoughts?



#2 Anshad Edavana


Posted 01 November 2013 - 09:33 AM

A quote from http://blog.erratasec.com/2013/10/badbios-features-explained.html?m=1

We don't know if any of this is real. Dragos could be having a psychotic episode where paranoia has gotten the best of him. Our industry is rife with paranoia, where our "Occam's Razor" is tuned to believing that the most plausible explanation for everything is "hackers". Weird sounds coming from the speakers? OMG it's a hacker!!


#3 Anshad Edavana


Posted 01 November 2013 - 09:39 AM

 

Imagine that you could somehow turn on the speaker and produce reliably-decodable but inaudible sounds.

How would you persuade the uninfected computer to receive them at all, let alone to treat them as shellcode that would ultimately let you reflash the BIOS?

 

Also please note that the BIOS is different from motherboard to motherboard. How is it technically possible for a very small piece of code to alter thousands of BIOSes from various manufacturers?



#4 jkostar


Posted 01 November 2013 - 09:52 AM

"Everything Dragos describes is plausible. It's not the mainstream of "hacking", but neither is it "nation state" level hacking. That it's all so plausible lends credence to the idea that Dragos isn't imagining it. Of course, since Dragos is an expert, his imagination is likely to be full of factually correct details anyway, so maybe the plausibility of these hacks isn't such a guarantee of truth.
 
Dragos has only been analyzing this for a few weeks. Presumably, he won't give us the full details for us to check out until the next CanSecWest conference. Until then, I guess we are all just blowing smoke about whether this is "real" or not."
 
I have read multiple articles regarding this topic, and this does look to be possible. Even in the article linked above, the author states this would be possible, though it has not been seen previously.


#5 Anshad Edavana


Posted 01 November 2013 - 10:11 AM

Dragos has been studying malware for the past 15 years. Probably he is thinking about malware even when eating and sleeping. My best guess is he became psychic after thinking about malware too much. He even blames malware for hardware failures such as a disc drive's failure to read a CD. After all, every computer is an electronic device and it can fail at any time. Blaming malware for everything is plain stupid.


Edited by Anshad Edavana, 01 November 2013 - 10:11 AM.


#6 USASAgencyman


Posted 05 November 2013 - 08:52 AM

For the rational and those who are wannabes:

 

http://www.rootwyrm.com/2013/11/the-badbios-analysis-is-wrong/

 

So I'm now on board with this analysis. 

 

The tech expertise of the author, Phillip Jaenke, is at a level I always attributed to being genetically "advantaged".

 

Dragos is either doing this for fun or is lost in the haze.  I read he posted code on Reddit, but I haven't found it yet.

 

YMMV,

Bruce





