What do you think about #badBIOS?

Hello!
For some days now, Twitter user dragosr has been writing about a serious Trojan, which he calls #badBIOS. Judging by his stories, it's something like a zombie apocalypse in the world of computers.
Dragosr writes that this Trojan probably reprograms the controllers of USB flash drives so that they begin to exploit vulnerabilities in the BIOS when it identifies USB devices.
www.facebook.com/dragosr/posts/10151655183445588
He inserted a flash drive that had previously been in the infected Windows system into computers with BSD and Mac, and they too began to show signs of infection — they ceased to boot from CD. He says he bricked a few flash drives by quickly inserting and removing them (the firmware being flashed did not have time to finish).
He also says that this Trojan is capable of replacing all files when writing to a CD.
Also mentioned as a possible attack vector is the preview of .ttf font files in Windows. He says the files of some fonts have changed in size, and files in the fonts folder.
He posted a BIOS dump of his infected computer: twitter.com/dragosr/status/388773435284787200

In general, to be honest, it looks more like a prank.
Who thinks that?

plus.google.com/103470457057356043365/posts
twitter.com/search?q=%23badBIOS&src=hash
twitter.com/dragosr
www.reddit.com/r/netsec/comments/1o7jvr/bios_backdoor_bridges_airgapped_networks_using_sdr/
www.reddit.com/r/netsec/comments/1p8wma/dragos_ruius_badbios_saga_simply_plugging_in_a/
kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/
October 3rd 19 at 03:16
4 answers
October 3rd 19 at 03:18
I think it's a hoax. At the very least, Macs have no BIOS, and without any action on the part of the system itself it is very problematic to "infect" the whole variety of BIOS/EFI/UEFI, and what does booting from CD have to do with it? Is there a way to get this contagious stick, so that it can be checked?
Moreover, does this super virus have firmware for the whole variety of controllers that exist? And the controllers in sticks are not so fancy that you could stuff a virus into them; they all have the same basic functionality: handling the USB connection and serving accesses to the flash memory. - Lawrence12 commented on October 3rd 19 at 03:21
There are, in fact, not that many controllers. - madyson16 commented on October 3rd 19 at 03:24
Opened the first datasheet I found: almost all hardware, and the firmware is executed by an 80C51 core running at 12 MHz. It is somewhat hard to believe that someone wrote a computer virus for such a controller... - Lawrence12 commented on October 3rd 19 at 03:27
And by the way, what about the substitution of the firmware? The programs for updating flash drive controller firmware that I have seen require installing a driver (unsigned), which requires admin rights, and Windows still complains a lot that the driver is not signed. - Lawrence12 commented on October 3rd 19 at 03:30
October 3rd 19 at 03:20
He inserted a flash drive that had previously been in the infected Windows system into computers with BSD and Mac, and they too began to show signs of infection — they ceased to boot from CD.


Is there anything that can make this phrase true?
So it turns out that this magic pen drive firmware can modify the BIOS by itself, without the participation of the OS? And why is it booting from CD that breaks?
October 3rd 19 at 03:22
October 3rd 19 at 03:24
Interestingly, the BIOS he posted is corrupted, or else it is not unpacked by either PhoenixTool or UEFITool.
Maybe the virus repacks the DXE Core with its own algorithm (and disguises it as LZMA) and replaces the PEI module that implements LZMA decompression, so that the BIOS continues to work. I'll dig into it when I have time.
Compared the dumps: they differ in a couple of places, which looks very much like errors in the dump. Everything is in order with the BIOS, we can disperse. - Lawrence12 commented on October 3rd 19 at 03:27
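
The kind of dump comparison mentioned in the last comment can be scripted: list every region where two firmware dumps differ, with its offset, length and number of flipped bits, so that a handful of isolated bytes can be told apart from a rewritten block. This is an added example, not code from the thread; the function names, the 16-byte merge gap, the 4-byte "isolated" threshold and the sample dumps are constructed assumptions.

```python
def diff_regions(a: bytes, b: bytes, gap: int = 16):
    """Return (offset, length, flipped_bits) for each differing region.

    Differing bytes separated by fewer than `gap` equal bytes are merged
    into one region, so a modified block is reported once.
    """
    if len(a) != len(b):
        raise ValueError("dumps differ in size; check the flash layout first")
    regions = []  # each entry: [start, end_exclusive, flipped_bits]
    for i, (x, y) in enumerate(zip(a, b)):
        if x == y:
            continue
        bits = bin(x ^ y).count("1")
        if regions and i - regions[-1][1] < gap:
            regions[-1][1] = i + 1
            regions[-1][2] += bits
        else:
            regions.append([i, i + 1, bits])
    return [(start, end - start, bits) for start, end, bits in regions]


def classify(length: int, small: int = 4) -> str:
    # Heuristic (assumption): a few isolated bytes are typical of a noisy
    # read, while a longer block should be mapped to the firmware volume or
    # module it falls in before drawing any conclusion.
    return "isolated" if length <= small else "block"


def report(a: bytes, b: bytes):
    return [(hex(off), length, bits, classify(length))
            for off, length, bits in diff_regions(a, b)]


def sample_dumps():
    # Constructed sample data: a 4 KiB "dump" and a copy with one flipped
    # bit at 0x100 and a 64-byte block overwritten with 0xFF at 0x800.
    clean = bytes(range(256)) * 16
    other = bytearray(clean)
    other[0x100] ^= 0x04
    other[0x800:0x840] = b"\xff" * 64
    return clean, bytes(other)


if __name__ == "__main__":
    for row in report(*sample_dumps()):
        print(row)
```

Reading the same chip twice and diffing the two reads first shows how much noise the dumping setup itself produces.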
