Over the past few years, the world has seen ransomware threats advance from living inside browsers to operating systems, to the bootloader, and now to the low-level firmware that powers a computer’s hardware components.
Earlier this year, a team of researchers from security vendor Cylance demonstrated a proof-of-concept ransomware program that ran inside a motherboard’s Unified Extensible Firmware Interface (UEFI) — the modern BIOS.
On Friday, at the Black Hat Asia security conference, the team revealed how they did it: by exploiting vulnerabilities in the firmware of two models of ultra compact PCs from Taiwanese computer manufacturer Gigabyte Technology.
To read this article in full or to leave a comment, please click here
Source: News Feed