Rakshasa- About Hardware Based on Backdoor Attacks

This forum is committed to providing information about latest computer threats, such as spyware, adware, trojans, worms, and other forms of malware.

Rakshasa- About Hardware Based on Backdoor Attacks

Postby Sophia » 2012-08-09 3:01

Recently researchers has demonstrated a proof-of-concept hardware backdoor, named Rakshasa after a demon from the Hindu mythology, which can infect computer’s BIOS (Basic Input Output System) and compromise the OS at boot time without leaving any track on the hard drive. It can also infect the PCI firmware of other peripheral technologies such as network cards and CD-ROMs. The code works on 230 different models of motherboard.

To make it short, firmware is software that is stored in non-volatile memory on a computer chip, and is used to initialize a piece of hardware’s functionality. In a PC, the BIOS is the most common example of firmware but in the case of wireless routers, a whole Linux OS is stored in firmware.

Hardware backdoors are lethal because:

1) They can’t be removed by conventional methods such as antivirus, formatting.
2) They can circumvent other types of security, like passwords, encrypted file systems.
3) They can be injected during manufacturing

Rakshasa is not the first malware to target the BIOS the low-level motherboard firmware that initializes other hardware compoents. It replaces the motherboard BIOS but can also infect the PCI firmware of other peripheral devices like network cards of CD-ROMs, in order to achieve a high degree of redundancy.

Installation-Rakshasa can be installed by anyone with physical access to your hardware either at manufacturing time or in the office with a USB stick. With luck, the creator of this malware, Brossard hasn’t released the code for Rakshasa but he seems fairly confident that other security groups/agencies have already developed similar tools.

Removal-The only way to get rid of the malware is to shut down the computer and manually reflash every peripheral, a method that is impractical for most users as it requires specialized equipment and advanced knowledge.

reference: http://thehackernews.com/2012/08/resear ... based.html
Imagination is more important than Knowledge!
User avatar
Anvisoft Staff

Anvisoft Staff
Posts: 589
Joined: 2012-04-16 3:32

Return to Latest Computer Threats

Random Threads
ThreadThread StarterViews
AAA+ Audemars Piguet Watches,Audemars Piguet Watches Onlinenfernandesher0
Bijoux et lunettes de soleil de qualité supérieure Cartier en ligne, Replica Watches Cartier A Prix le plus basamaxl0
Cheap Mont Blanc Ball-Point Pens AAA 0115 Silver On Sale - $106.00 : montblanc, bestmontblancpens.topeavessellpatr0

Who is online

Users browsing this forum: No registered users