Don't go burning your motherboards but do be aware of this UEFI rootkit
Subject: General Tech | July 15, 2015 - 12:43 PM | Jeremy Hellstrom
Tagged: uefi, security
Yet another revelation has come from the Hacking Team leak, a UEFI based rootkit which can infect computers and will survive AV scans and even a drive replacement. The rootkit is designed specifically for the BIOS designed by Insyde which are found primarily in laptops; Dell and HP for example. TrendMicro suggested to The Register that this rootkit could also infect AMIBIOS designed UEFI, the type you are familiar with from desktop motherboards but that has not been confirmed. As well Trend Micro intimates that the rootkit could be installed remotely but so far the evidence suggests physical access is required ... as flashing a BIOS tends to do. Using UEFI SecureFlash, or even flashing to the newest version will also remove the kit, although depending on the solution your motherboard uses you may see error messages about updating an unexpected or corrupt previous version. Keep safe out there and maybe keep the Flash to your BIOS for now.
"Hacking Team RCS spyware came pre-loaded with an UEFI (Unified Extensible Firmware Interface) BIOS rootkit to hide itself on infected systems, it has emerged following the recent hacking of the controversial surveillance firm."
Here is some more Tech News from around the web:
- Adobe: We REALLY are taking Flash security seriously – honest @ The Register
- Samsung Galaxy A8 launches with Snapdragon 615 chip and Android 5.1.1 Lollipop @ The Inquirer
- Google can now run your Windows Server installations for you @ The Inquirer
- Rackspace to resell and support Microsoft's Azure @ The Register
- How to Really Delete your Files @ Hardware Secrets
- Asus RT-AC3200 802.11ac Router @ Kitguru