Interesting Snippets from 2012-08-21

• Researcher creates proof-of-concept malware that infects BIOS, network cards

  Rakshasa, named after a demon from the Hindu mythology, is not the first malware to target the BIOS -- the low-level motherboard firmware that initializes other hardware components. However, it differentiates itself from similar threats by using new tricks to achieve persistency and evade detection.

  Rakshasa replaces the motherboard BIOS, but can also infect the PCI firmware of other peripheral devices like network cards or CD-ROMs, in order to achieve a high degree of redundancy.

  Rakshasa was built with open source software. It replaces the vendor-supplied BIOS with a combination of Coreboot and SeaBIOS, alternatives that work on a variety of motherboards from different manufacturers, and also writes an open source network boot firmware called iPXE to the computer's network card.

• littleblackbox - Database of private SSL/SSH keys for embedded devices - Google Project Hosting

  LittleBlackBox is a collection of thousands of private SSL and SSH keys extracted from various embedded devices. These private keys are stored in a database where they are correlated with their public certificates as well as the hardware/firmware that are known to use those private keys.

[/snippets] permanent link