French hacker Jonathan Brossard recently developed Rakshasa, software that can be hidden inside the hardware of a PC, creating a backdoor that would allow secret remote access over the Internet.
Rakshasa needs to be installed into the BIOS chip's firmware on a PC's motherboard. "If someone puts a single rogue firmware on your machine, he basically owns you forever," Brossard warns.
When a Rakshasa-infected PC is turned on, the software looks for an Internet connection to find a small amount of code used to compromise the computer. Then, as the computer's operating system (OS) boots up, Rakshasa uses the powers it has granted itself to inject code into important parts of the operating system. Brossard says that since Rakshasa stays inside the motherboard's chips, it is out of view of antivirus software and resilient to the most common responses by information technology staff.
He says Rakshasa was created using several open source programs for altering firmware, and it works on 230 motherboard models. "Even if you change your hard drive or change your OS, you're still very much going to be owned," Brossard says. "Another attack scenario is you buy a new network card and get back-doored."
From Technology Review
View Full Article
Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA
No entries found