badBIOS Malware

wes allenwes allen Member Posts: 540 ■■■■■□□□□□
in Off-Topic
Anyone else following this unfolding story?

Meet
· Share on FacebookShare on Twitter

Comments

  • --chris----chris-- Member Posts: 1,518 ■■■■■□□□□□
    Like scifi.

    Ultra sonic packet transmission?


    · Share on FacebookShare on Twitter
  • ratbuddyratbuddy Member Posts: 665
    He says they reflashed the BIOS of affected machines, but who's to say the infected BIOS doesn't just spoof success to the flash util..
    · Share on FacebookShare on Twitter
  • --chris----chris-- Member Posts: 1,518 ■■■■■□□□□□
    @=ratbuddy
    Possible.

    Id like to believe in Ultra sonic packet transmission though. It just sounds cooler.


    · Share on FacebookShare on Twitter
  • ratbuddyratbuddy Member Posts: 665
    Ever pick up the phone while someone was on the line with a modem? Just raise the frequencies and put it on speakerphone, and there you go. Easy stuff.
    · Share on FacebookShare on Twitter
  • BalantineBalantine Member Posts: 77 ■■□□□□□□□□
    Not so easy if the comm is spread out over long periods of time.

    I have a lot of questions about the details in this story. Nice entertainment...freaky fah sure.
    dulce bellum inexpertis
    · Share on FacebookShare on Twitter
  • ratbuddyratbuddy Member Posts: 665
    Pure entertainment. If the machines really are communicating through audio, it stands to reason that any similar computer has a microphone which could monitor such communications. This guy needs to put up or shut up :)
    · Share on FacebookShare on Twitter
  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    The guy is putting the information out there from what I read, it doesn't sound like he is hiding anything.

    The story makes me want to throw my computer in a hole in the ground j/k.
    · Share on FacebookShare on Twitter
  • vColevCole Member Posts: 1,573 ■■■■■■■□□□
    Curious to see how this pans out. I can see how it would work via speakers/mic but how it's nesting itself in he BIOS - I'm just not sure.
    · Share on FacebookShare on Twitter
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Read a few articles on this just this morning. Personally, I'm a little doubtful on the ultrasonic being used, but it's possible. Interested to see how it all pans out and to see a third party come in to do some testing.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
    · Share on FacebookShare on Twitter
  • colemiccolemic Member Posts: 1,568 ■■■■■■■□□□
    I find it interesting as well... will have to follow up in a couple of weeks to see where it stands.
    Working on: CCSP, definitely, maybe. On the twitters: @mcole1008
    · Share on FacebookShare on Twitter
  • gorebrushgorebrush Member Posts: 2,743 ■■■■■■■□□□
    Interesting and a lot of it is quite easily feasible but some parts of it just scream BS to me.

    Which makes me rather unsure as to the whole stories authenticity.
    · Share on FacebookShare on Twitter
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Motivation is the biggest cause for alarm since there is a lack of it in this case. Everything happens for a reason and here you don't see it (at least not clearly). Why use something so advanced on this guy? Should be noted though, usually Americans use the USB infection method.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    Blog post: The badBIOS Analysis Is Wrong. at RootWyrm's Corner
    · Share on FacebookShare on Twitter
  • --chris----chris-- Member Posts: 1,518 ■■■■■□□□□□
    YFZblu wrote: »
    Blog post: The badBIOS Analysis Is Wrong. at RootWyrm's Corner

    Just came here to post this. Its pretty damning, except I had never seen nor heard of RootWyrm before this either...so who knows.

    @YZFblu
    Are you on /r/netsec?


    · Share on FacebookShare on Twitter
  • YFZbluYFZblu Member Posts: 1,462 ■■■■■■■■□□
    I browse /r/netsec, but I've never posted
    · Share on FacebookShare on Twitter
Sign In or Register to comment.