Persistent Bios Infection
CanSecWest Vancouver 2009 - http://cansecwest.com/
Abstract
When developing rootkits, one of the biggest problems is executing the malicious code, surviving reboots and remaining undetected. This talk will demonstrate how malicious code can be injected into commercial BIOS firmware. Instead of utilizing other rootkit methods which make use of the ACPI specification, Core Security has focused on a binary generic implementation independent of the installed OS to simulate how attackers can take control of a system.
