Google Play icon

Security researcher discovers badBIOS malware that jumps using microphone and speakers

Share
Posted November 4, 2013
BIOS
Highly respected Canadian security expert Dragos Ruiu has been fighting, he claims, an unknown bit of malware that that appears to run on Windows, Mac OS X, BSD and Linux, for approximately three years. After much research and effort, which he has been documenting using several online venues (mainly Twitter), he says he believes the malware infects computers via memory sticks, and vice versa. He says also that he’s found evidence that the malware is able to create mini-networks between infected machines using high frequency sound waves that are passed from a computer’s microphone to another’s speakers, and vice-versa. Unfortunately, at this time, Ruiu is the only person that appears to know about the malware, which he has dubbed badBIOS.

All of the things Ruiu has described have been seen before, just not all together. The Stuxnet virus, for example, was passed to infected machines from memory sticks, and high-frequency sound waves have been used to send network packets of information for years. What’s troubling about badBIOS is that it’s either infecting only Ruiu’s machines, or it’s infecting a lot of other machines but nobody knows about it because of its very sneaky nature. If it is infecting other computers, what is it doing, and why?

Ruiu contends that badBIOS is malware that infects a computer’s BIOS, thus reformatting a hard drive won’t kill it, nor will running any known commercial antivirus software suite. Ruiu says that despite cleaning every piece of hardware he owns, the infections return. He says it all started around three years ago after installing a fresh copy of Mac OS X on his MacBook Air—the firmware on it updated itself without him doing anything to cause it to do so. Afterwards, the machine refused to allow him to boot from a CD ROM. Over the next several months, he reports, his other computers began behaving strangely as well, modifying their own firmware, occasionally deleting data and undoing changes to configuration information. What really worried him though was that a computer not connected to a network, or the Internet became infected as well. That led him to discover that encrypted data packets were being sent between infected machines, even those not on a network. The only way to stop them, he found, was disconnecting the microphones and speakers.

Read more at: Phys.org

Featured news from related categories:

Technology Org App
Google Play icon
87,043 science & technology articles

Most Popular Articles

  1. You Might Not Need a Hybrid Car If This Invention Works (January 11, 2020)
  2. Toyota Raize a new cool compact SUV that we will not see in this part of the world (November 24, 2019)
  3. An 18 carat gold nugget made of plastic (January 13, 2020)
  4. Human body temperature has decreased in United States, study finds (January 10, 2020)
  5. Donkeys actually prefer living in hot climate zones (January 6, 2020)

Follow us

Facebook   Twitter   Pinterest   Tumblr   RSS   Newsletter via Email