The ability to hack the BIOS chip at the heart of every computer is no longer reserved for the NSA and other three-letter agencies.
Millions of machines contain basic BIOS vulnerabilities that let anyone with moderately sophisticated hacking skills compromise and control a system surreptitiously, according to two researchers.
The revelation comes two years after a
catalogue of NSA spy tools leaked to journalists in Germany surprised everyone with its talk about the NSA’s efforts to infect BIOS firmware with malicious implants.
The BIOS boots a computer and helps load the operating system. By infecting this core software, which operates below antivirus and other security products and therefore is not usually scanned by them, spies can plant malware that remains live and undetected even if the computer’s operating system were wiped and re-installed.
