
Communications of the ACM

ACM TechNews

A Computer Infection That Can Never Be Cured


Jonathan Brossard

Credit: Black Hat

French hacker Jonathan Brossard recently developed Rakshasa, software that can be hidden inside the hardware of a PC, creating a backdoor that would allow secret remote access over the Internet.

Rakshasa needs to be installed into the BIOS chip's firmware on a PC's motherboard. "If someone puts a single rogue firmware on your machine, he basically owns you forever," Brossard warns.

When a Rakshasa-infected PC is turned on, the software looks for an Internet connection to find a small amount of code used to compromise the computer. Then, as the computer's operating system (OS) boots up, Rakshasa uses the powers it has granted itself to inject code into important parts of the operating system. Brossard says that since Rakshasa stays inside the motherboard's chips, it is out of view of antivirus software and resilient to the most common responses by information technology staff.

He says Rakshasa was created using several open source programs for altering firmware, and it works on 230 motherboard models. "Even if you change your hard drive or change your OS, you're still very much going to be owned," Brossard says. "Another attack scenario is you buy a new network card and get back-doored."

From Technology Review 

Abstracts Copyright © 2012 Information Inc., Bethesda, Maryland, USA 


 
