Malware in the BIOS? NOW I’m Scared

I have worked with computers for a long time, and there have been very few things that actually give me the willies. Most of them are not really safe for work, but Mebromi, that’s something that gives me a ‘bad touch’ feeling and should be discussed at work.

Mebromi is a Trojan horse that infects the BIOS and the Master Boot Record.

Attacking the BIOS is nothing new. Chernobyl/CIH did this back in the late ’90s, but all it did was take a (virtual) sledgehammer to your computer. Mebromi actually replaces part of the BIOS so that the computer can be re-infected even if the infection is cleaned from your hard disk.

Anti-Executable, when configured properly, would stop the modified drivers that Mebromi uses from being able to run, preventing the BIOS from becoming infected, even if anti-virus didn’t catch the specific piece of malware that was run.

Cleaning up malware is difficult enough without having to contend with something that lives as a ghost in your machine that you can’t get rid of. You are better off keeping it from ever taking up residence than having to clean up the mess.

Don’t be a victim. Take preventive measures.

Scott Cornell

When he’s not knee-deep in blogging and all things tech, Scott spends his free time playing ultimate Frisbee and watching foreign films. An expert in emerging tech trends, Scott always has his ear to the ground for breaking news related to IT security.