Sign up to our newsletter
Vulnerabilities have been detected in the BIOS chips found in millions of computers which could leave users open to hacking, as demonstrated by two researchers at the CanSecWest conference in Vancouver, Canada.
According to Wired, the BIOS chip operates below antivirus software so is not usually scanned, meaning a successful hack could allow attackers to plant malware on computers and remain undetected. BIOS chips are used to boot a computer and load the operating system, but the malware would remain even if the operating system was removed and re-installed.
Researchers Xeno Kovah and Corey Kallenberg presented the proof-of-concept hack last Friday, explaining that the flaws were found in 80% of the computers they had tested – including those made by Dell, Lenovo and HP. Once the pair’s LightEater malware gets into the system, they showed how it might be used to read all of the data that appears in a machine’s memory.
The Register reports that the attack could be carried out in just two minutes if the hacker had physical access, and they would need only limited technical skills. The attacker could also compromise the BIOS chip remotely via a phishing email or other similar methods.
The vulnerabilities have been described as “incursion vulnerabilities,” meaning that there are so many that a script written to find them would eventually give up after finding more than enough openings to exploit.
Although the vendors of affected machines have been notified and a patch is in the works, Kovah notes that few people have applied BIOS patches in the past when they’ve been supplied by vendors.
“Because people haven’t been patching their BIOSes, all of the vulnerabilities that have been disclosed over the last couple of years are all open and available to an attacker,” said Kovah, as reported by Rappler. “We spent the last couple of years at MITRE running around to companies trying to get them to do patches. They think BIOS is out of sight out of mind [because] they don’t hear a lot about it being attacked in the wild.”
Author Kyle Ellison, ESET