More on my ongoing chase of #badBIOS malware. It’s been difficult to confirm | Dragos Ruiu

More on my ongoing chase of #badBIOS malware. It’s been difficult to confirm this as I’m down to a precious few reference systems that are clean. I lost another one yesterday confirming that simply plugging in a USB device from an infected system into a clean one is sufficient to infect. This was on a BSD system, so this is definitely not a Windows issue, and it’s a low-level issue: I didn’t even mount the volume and it was infected. Could this be an overflow in the way BIOS IDs the drive?

Source: More on my ongoing chase of #badBIOS malware. It’s been difficult to confirm …

Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps | Ars Technica

Like a super strain of bacteria, the rootkit plaguing Dragos Ruiu is omnipotent.

Three years ago, security consultant Dragos Ruiu was in his lab when he noticed something highly unusual: his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot.

Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused. He also found that the machine could delete data and undo configuration changes with no prompting. He didn’t know it then, but that odd firmware update would become a high-stakes malware mystery that would consume most of his waking hours.

Source: Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps | Ars Technica