By Dan Goodin in San Francisco
24th March 2009
Researchers have demonstrated how to create rootkits that survive
hard-disk reformatting by injecting malware into the low-level system
instructions of a target computer.
The researchers, from Core Security Technologies, used the techniques to
inject rootkits into two computers, one running the OpenBSD operating
system and the other Windows. Because the infection lives in the
computer's BIOS, or basic input/output system, it persists even after
the operating system is reinstalled or a computer's hard drive is
While researchers have focused on BIOS-based rootkits for at least three
years, earlier techniques generally attacked specific types of BIOSes,
such as those that used ACPI, or Advanced Configuration and Power
Interface. The techniques demonstrated by the Core researchers work on
virtually all types of systems, they said.
Best Selling Security Books and More!