Persistent BIOS Infection

Presentation of a technique to modify and persist code to add rootkit functionality to the BIOS firmware of commercial-of-the-shelf computers that do not perform strict enforcement of BIOS updates using cryptographically strong digital signature. The technique relies on identification and use of existent code in the firmware that is typically invariant through BIOS updates.

 

View Slides