Over the past few years, the world has seen ransomware threats advance from living inside browsers to operating systems, to the bootloader, and now to the low-level firmware that powers a computer’s hardware components.
Earlier this year, a team of researchers from security vendor Cylance demonstrated a proof-of-concept ransomware program that ran inside a motherboard’s Unified Extensible Firmware Interface (UEFI) – the modern BIOS.
On Friday, at the Black Hat Asia security conference, the team revealed how they did it: By exploiting vulnerabilities in the firmware of two models of ultra compact PCs from Taiwanese computer manufacturer Gigabyte Technology.
from Computerworld News http://www.computerworld.com/article/3186880/security/uefi-flaws-can-be-exploited-to-install-highly-persistent-ransomware.html#tk.rss_news
from Tumblr http://2375823.tumblr.com/post/159159035578