Hardware Trojan (CPU, RAM, Graphic card, BIOS)?

[Winter Soldier]

@frogboy you are right
I think I should stop reading about these topics on the internet or I will be crazy

Never reading things on the internet, my doctor always tells me this

 

[SHvFl]

but still possible

Yep, but still lower than aliens eliminating the whole planet by the time you reply back. I am still alive so the chance of never getting this is looking good.

 

[Handsome Recluse]

If possible, follow security advice to remain malware-free. If not, good luck.

He'd probably have more things to worry about than this thing here if that's the case.

 

[shmu26]

So all these screaming headlines about Intel hardware backdoors and firmware vulnerabilities etc are basically just to feed our paranoia?
And why is their likelihood of hitting the OP so extremely low?
Not arguing with anyone, just trying to understand. (My mobo reportedly has an unpatched intel vulnerability...)

 

[Deleted member 178]

There is difference between PoCs and Prevalence:

- PoC (Proof of Concept) : malware can infect hardware via complex mechanism and vectors.
- Prevalence (real world scenario) : you probably won't get it unless you looked for it.

 

[Winter Soldier]

I agree, better to be realistic.
But, in my opinion, it is necessary to monitor with attention the evolution of new forms of malware, which are not always PoC written by researchers for scientific purposes.
Indeed, it is necessary that security vendors rely on them and preventing the spread of malware potentially devastating on global level.

Think of what would happen if the BIOS of all the machines used for the management of the public thing, were infected in non-reversible way. All of us would be left without services, and governments would be forced to spend millions of dollars to resolve the matter (in many cases replacing the infected machines), obviously doing fall all on our pockets.

Fingers crossed, we should.

 

[ElectricSheep]

Lol, good luck. This scenario is beyond science fiction. The chance of aliens eliminating the whole planet by the time you read this message is higher than a typical user to find such a malware.

The odds of an alien invasion are astronomical (pardon the pun!) For starters, we don't even know life exists elsewhere and the universe is such an immensely vast place!

 

[Handsome Recluse]

I agree, better to be realistic.
But, in my opinion, it is necessary to monitor with attention the evolution of new forms of malware, which are not always PoC written by researchers for scientific purposes.
Indeed, it is necessary that security vendors rely on them and preventing the spread of malware potentially devastating on global level.

Think of what would happen if the BIOS of all the machines used for the management of the public thing, were infected in non-reversible way. All of us would be left without services, and governments would be forced to spend millions of dollars to resolve the matter (in many cases replacing the infected machines), obviously doing fall all on our pockets.

Fingers crossed, we should.

There'd be economic reasons and high skill to stop that from happening.

The odds of an alien invasion are astronomical (pardon the pun!) For starters, we don't even know life exists elsewhere and the universe is such an immensely vast place!

Maybe the paradox of it then not happening is the real reason.

 

[Windows Defender Shill]

Can't remember which episode but the Security Now podcast recently addressed this issue

Because a listener asked about buying a used machine off Ebay.

And basically said there is currently no malware scanner that addresses BIOS/UEFI based malware

However, common opinion states this is HIGHLY unlikely! Question about possible UEFI/BIOS infection - Forums

 

[Winter Soldier]

Can't remember which episode but the Security Now podcast recently addressed this issue

Because a listener asked about buying a used machine off Ebay.

And basically said there is currently no malware scanner that addresses BIOS/UEFI based malware

However, common opinion states this is HIGHLY unlikely! Question about possible UEFI/BIOS infection - Forums

Of course, also it is necessary to say that old sample, like the above mentioned Mebromi, probably wouldn't be able to infect 64-bit systems, nor to do any harm on systems with non-administrative account.
To gain access to the BIOS, Mebromi should be run in kernel mode so that it can be able to manage the physical memory rather than the virtual one.

 

[jamescv7]

Unfortunately there is no direct cure to a threat which infected in hardware, since the environment is meant to operate things in maximum privilege thus any changes or altered from source code of original hardware can lead to unusable stage.

Always remain the hardware like BIOS to be up to date from your manufacturer itself only which help to reduce security vulnerabilities risk.

 

[Sunshine-boy]

HELLO, @jamescv7
is there any way to check your hardware?to see are u infected or no? who knows? I have this PC since 5 years ago:/

 

[brambedkar59]

Can't remember which episode but the Security Now podcast recently addressed this issue

Because a listener asked about buying a used machine off Ebay.

And basically said there is currently no malware scanner that addresses BIOS/UEFI based malware

However, common opinion states this is HIGHLY unlikely! Question about possible UEFI/BIOS infection - Forums

For used hardware, wouldn't reflashing the BIOS/UEFI will make sure of that it's clean.