Post Fri Feb 10, 2006 11:19 pm

BIOS Rootkits

Better hacking through science: new and better ways to hide your rootkit
By William Jackson
GCN Staff

In the cat-and-mouse game of computer security, rootkits are a powerful way to hide malicious code on a compromised computer where it is difficult to detect and remove.

As detection tools become more sophisticated, one researcher thinks that the BIOS may be the new frontier for rootkits.

“There are no tools now to audit your BIOS for a rootkit,” said John Heasman, principal security consultant for NGS Software Ltd. of the U.K. Heasman, speaking at the Black Hat Federal Briefings in Arlington, Va., described a proof of concept technique for placing a rootkit at such a low level on the computer’s system that it would survive reboots, reinstallation of operating systems and even replacement of the hard drive.

For full story: