Bad Bios Malware, new kind

A new malware is discovered that behaves in unusual ways.
It even can transmit () from loudspeakers of one computer to a microphone of another.

Dragos Ruiu made the discovery public.

Its multi system compatible.

As allways the question: Does comodo protect against it?

Edit: Translation difference.

Really? Do you have a blog post or source to back this up? It would be crazy if this is true… :o

In english.

This is probably a Halloween hoax, until people actually start getting infected this way I won’t believe it.

All the separate things can be produced. Actually old network technics didnt knew an airgap. You put a phone into an adapter, and your computer receives sound which is actually data.

The combination of them seen in the wild is the main surprise. While several people noted to not wipe it away, no one said its a hoax yet.

According to security expert Robert Graham there is a problem with reproducing:

We don’t know of any of this is real. Dragos could be having a psychotic episode where paranoia has gotten the best of him. Our industry is rife with paranoia, where our “Occam’s Razor” is tuned to believing that the most plausible explanation for everything “hackers”. Weird sounds coming from the speakers? OMG it’s a hacker!!

Also, Dragos hasn’t given us anything we can independently verify. If it’s a bad BIOS, Dragos can extract it and publish it. If a USB drive infects a system, Dragos can use a USB sniffer and dump all the packets going across the USB bus. If it’s ultrasonic audio, Dragos could record the sound in WAV files. He could publish all this stuff, and we could see for ourselves whether it’s real or not. That he hasn’t casts doubt on what he’s found.

But at the same time, this is Dragos Ruiu, a well-respected researcher for 15 years. If he says he’s got an infected BIOS, I’m going to believe him. Sure, he’s probably gotten some things wrong: just because “they” really are ought to get you doesn’t mean that “they” are responsible for every phenomenon you can’t explain. But on the whole, I (and many other old-time experts) believe that in the end, most everything he suspects will be confirmed.

To be continued I guess …

They were called acoustic couplers and I used them in my early days. You got only 300bps and they were very, very, unreliable. If you banged the desk whilst data was being transmitted you got errors for example.

This post is almost certainly a hoax. The data rate achievable would be in the bits per second range so transmission times would be long, and in a regular room the level of interference would make this so unreliable as to be useless.

It’s a fun hoax though. :slight_smile:

Interesting is: How this story will end.

Well, if you have the wrong iron you can allready put your computer in danger…