From: "~BD~" <~BD~@nomail.afraid.org>

> David H. Lipman wrote:
>> From: "~BD~"<~BD~@nomail.afraid.org>
>>
>>> David H. Lipman wrote:
>>>> From: "~BD~"<~BD~@nomail.afraid.org>
>>>>
>>>>> David H. Lipman wrote:
>>>>>> From: "~BD~"<~BD~@nomail.afraid.org>
>>>>>>
>>>>>>> Researchers have discovered one of the first pieces of malware ever used in the wild
>>>>>>> that modifies the software on the motherboard of infected computers to ensure the
>>>>>>> infection can't be easily eradicated.
>>>>>>>
>>>>>>> Known as Trojan.Mebromi, the rootkit reflashes the BIOS of computers it attacks to add
>>>>>>> malicious instructions that are executed early in a computer's boot-up sequence. The
>>>>>>> instructions, in turn, alter a computer's MBR, or master boot record, another system
>>>>>>> component that gets executed prior to the loading of the operating system of an infected
>>>>>>> machine. By corrupting the processes that run immediately after a PC starts, the malware
>>>>>>> stands a better chance of surviving attempts by antivirus programs to remove it.
>>>>>>>
>>>>>>> http://www.theregister.co.uk/2011/09...it_discovered/
>>>>>>>
>>>>>>
>>>>>> This is the FIRST malware to infiltrate the BIOS that's been in the wild, it is targeting
>>>>>> Chinese computers in China and ONLY targets Phoenix/Award BIOS.
>>>>>>
>>>>>>
>>>>>
>>>>> Please explain exactly how you can be so certain about this, Mr Lipman.
>>>>
>>>>
>>>> It's called reading and understanding and it wasn't from reading TheRegister web page.
>>>>
>>>
>>> I think you are full of sh*t, Mr Lipman.
>>>

>>
>> Marco's writeup...
>> http://blog.webroot.com/2011/09/13/m...t-in-the-wild/
>>
>> Symantec's writeup...
>> http://www.symantec.com/connect/blog...-showing-again
>>
>> The sh!t is what spews from your fingertips.
>>
>>
>>

>
> I recall you saying that this was impossible. I simply cannot trust what you say. You
> are a fraud, Mr. Lipman.


You recall WRONG. I elaborated how difficult it was and all the obstacles there were to
overcome and said there was nothing in the wild at that time while you were creating FUD
trying to prove that there "could" and probably were cases in the wild.

NOW there is finally something in the wild yet this malware still has huge obstacles to
overcome making it a poor implementation from the POV of the malicious actor.


--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp