I've recently flashed a new BIOS for my motherboard (ASRock Z170 Extreme 4) using the BIOS built-in option "Automatically download from the Internet and install", and this option wanted me to plug a USB drive into the computer. I used the USB drive I have in my wallet, which has been used in at least a hundred different computers.
I am wondering if there is a way to get your BIOS infected by using an infected USB stick to flash it. Could some sort of malware make the flashing tool use a different version of the BIOS than the downloaded one?
I actually think that this form of infection is highly improbable, but I was just curious if it is possible.
Would my AV software (I use KIS 2017) detect this sort of malware? I don't think it is capable of reading BIOS information, but BIOS malware is installed in order to perform some actions in the OS, which is what my AV could notice.
Thank you for your reply,
P.S.: Just to be sure, I downloaded the same version of the BIOS from a trusted computer and flashed it again using the same, but this time formatted, flash drive :-)