Dragos Ruiu biography

  • BadBIOS is alleged malware described by network security researcher Dragos Ruiu in October with the ability to communicate between instances of itself.
  • But at the same time, this is Dragos Ruiu, a well-respected researcher for 15 years.
  • Dragos Ruiu is a cybersecurity researcher and is the organizer of CanSecWest and PacSec.
  • Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps

    Another intriguing characteristic: in addition to jumping "airgaps" designed to isolate infected or sensitive machines from all other networked computers, the malware seems to have self-healing capabilities.

    "We had an air-gapped computer that just had its [firmware] BIOS reflashed, a fresh disk drive installed, and zero data on it, installed from a Windows system CD," Ruiu said. "At one point, we were editing some of the components and our registry editor got disabled. It was like: wait a minute, how can that happen? How can the machine react and attack the software that we're using to attack it? This is an air-gapped machine and all of a sudden the search function in the registry editor stopped working when we were using it to search for their keys."

    Over the past two weeks, Ruiu has taken to Twitter, Facebook, and Google Plus to document his investigative odyssey and share a theory that has captured the attention of some of the world's foremost security experts. The malware, Ruiu believes, is transmitted through USB drives to infect the lowest levels of computer hardware. With the ability to target a computer's Basic Input/Output System (BIOS), Unified Extensible Firmware Interface (UEFI), and possibly

  • Highly respected Canadian security expert Dragos Ruiu has been fighting, he claims, an unknown bit of malware that appears to run on Windows, Mac OS X, BSD and Linux, for approximately three years. After much research and effort, which he has been documenting using several online venues (mainly Twitter), he says he believes the malware infects computers via memory sticks, and vice versa. He says also that he's found evidence that the malware is able to create mini-networks between infected machines using high frequency sound waves that are passed from a computer's microphone to another's speakers, and vice versa. Unfortunately, at this time, Ruiu is the only person that appears to know about the malware, which he has dubbed badBIOS.

    All of the things Ruiu has described have been seen before, just not all together. The Stuxnet virus, for example, was passed to infected machines from memory sticks, and high-frequency sound waves have been used to send network packets of information for years. What's troubling about badBIOS is that it's either infecting only Ruiu's machines, or it's infecting a lot of other machines but nobody knows about it because of its very sneaky nature. If it is infecting other computers, what is it doing, and why?

    Ruiu contends that badBIOS

    BadBIOS

    BIOS-based computer malware

    BadBIOS is alleged malware described by network security researcher Dragos Ruiu in October[1][2] with the ability to communicate between instances of itself across air gaps using ultrasonic communication between a computer's speakers and microphone.[3][2] To date, there have been no proven occurrences of this malware.

    Ruiu says that the malware is able to infect the BIOS of computers running Windows, Mac OS X, BSD and Unix as well as spread infection over USB flash drives.[2] Rob Graham of Errata Security produced a detailed analysis[4] of each element of the descriptions of BadBIOS's capabilities, describing the code as "plausible", whereas Paul Ducklin on the Sophos Naked Security blog[5] suggested "It's possible, of course, that this is an elaborate hoax".[1] After Ruiu posted data dumps which supposedly demonstrated the existence of the virus, "all signs of maliciousness were found to be normal and expected data".[6]

    In December computer scientists Michael Hanspach and Michael Goetz released a paper to the Journal of Communication demonstrating the possibility of acoustic mesh networking at a slow 20 bits per second using a set o