Difference between revisions of "Malware"
(Bad bios) |
(adjusting link) |
||
Line 20: | Line 20: | ||
===Bad bios=== | ===Bad bios=== | ||
− | Bad bios was a malware that the IT security researcher [[Dragos Ruiu]] reported about in [[2013]].<ref>https://arstechnica.com/information-technology/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/</ref><ref>https://threatpost.com/dragos-ruiu-on-the-badbios-saga/102823/</ref><ref>http://archive.today/2019.08.29-062629/https://en.wikipedia.org/wiki/BadBIOS</ref> According to his account back then, the malware could infect computers via USB, could get persistence in the system while not using the regular storage space and it communicated with other infected devices via inaudible sound.<ref>https://blog.trendmicro.com/badbios-sometimes-bad-really-bad/</ref><ref>https://news.softpedia.com/news/BadBIOS-Malware-Reality-or-Hoax-396177.shtml</ref><ref>https://nakedsecurity.sophos.com/2013/11/01/the-badbios-virus-that-jumps-airgaps-and-takes-over-your-firmware-whats-the-story/</ref><ref>https://security.stackexchange.com/questions/44750/malware-that-can-survive-bios-re-flashing</ref><ref>https://www.techspot.com/news/54560-badbios-the-unstoppable-malware-that-infects-firmware-jumps-airgaps.html</ref><ref>https://blog.erratasec.com/2013/10/badbios-features-explained.html</ref><ref>https://securityaffairs.co/wordpress/20182/hacking/malware-inaudible-audio-signals.html</ref><ref>https://www.csoonline.com/article/2609678/nsa-s-backdoors-are-real----but-prove-nothing-about-badbios.html?page=2</ref> All attack angles and "features" have at the time already been proven as possible by security researchers, the reporting however was never followed up on and Ruiu made no further comment.<ref>https://web.archive.org/web/20161029014619/http://www.bleepingcomputer.com/forums/t/590983/how-do-i-know-the-bad-bios-exists-and-how-to-save-my-computer/</ref> | + | Bad bios was a complex malware that the IT security researcher [[Dragos Ruiu]] reported about in 
[[2013]].<ref>https://arstechnica.com/information-technology/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/</ref><ref>https://threatpost.com/dragos-ruiu-on-the-badbios-saga/102823/ saved at [https://web.archive.org/web/20131205043656/https://threatpost.com/dragos-ruiu-on-the-badbios-saga/102823/ Archive.org] saved at [https://archive.is/OzmGF Archive.is] || [https://web.archive.org/web/20131206020310/http://kasperskycontenthub.com/threatpost/files/2013/11/digital_underground_132.mp3 Archive of MP3]</ref><ref>http://archive.today/2019.08.29-062629/https://en.wikipedia.org/wiki/BadBIOS</ref> According to his account back then, the malware could infect computers via USB, could get persistence in the system while not using the regular storage space and it communicated with other infected devices via inaudible sound.<ref>https://blog.trendmicro.com/badbios-sometimes-bad-really-bad/</ref><ref>https://news.softpedia.com/news/BadBIOS-Malware-Reality-or-Hoax-396177.shtml</ref><ref>https://nakedsecurity.sophos.com/2013/11/01/the-badbios-virus-that-jumps-airgaps-and-takes-over-your-firmware-whats-the-story/</ref><ref>https://security.stackexchange.com/questions/44750/malware-that-can-survive-bios-re-flashing</ref><ref>https://www.techspot.com/news/54560-badbios-the-unstoppable-malware-that-infects-firmware-jumps-airgaps.html</ref><ref>https://blog.erratasec.com/2013/10/badbios-features-explained.html</ref><ref>https://securityaffairs.co/wordpress/20182/hacking/malware-inaudible-audio-signals.html</ref><ref>https://www.csoonline.com/article/2609678/nsa-s-backdoors-are-real----but-prove-nothing-about-badbios.html?page=2</ref> All attack angles and "features" have at the time already been proven as possible by security researchers, the reporting however was never followed up on and Ruiu made no further 
comment.<ref>https://web.archive.org/web/20161029014619/http://www.bleepingcomputer.com/forums/t/590983/how-do-i-know-the-bad-bios-exists-and-how-to-save-my-computer/</ref> |
==Spyware== | ==Spyware== |
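Review bot: the added line in the Bad bios paragraph changes "a malware" to "a complex malware", which the edit summary "adjusting link" does not cover and which gets no new citation in this revision; either drop "complex" or attach a reference that supports it. In the same line, the threatpost footnote now reads "saved at [...] saved at [...] || [...]" with nothing separating the two archive links, so a comma or "and" between them would make the rendered reference readable.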
Revision as of 22:02, 19 February 2021
(software) | |
---|---|
One of many apps from the Google Play Store which secretly installed the Exodus spyware on its victims' phones. | |
Interest of | • HBGary • Dragos Ruiu • Security Without Borders |
Bad software, such as spyware or viruses |
Malware is an umbrella term for bad computer software. Colloquially, this may include software which is just unwanted or annoying ("scumware", "nagware", "bloatware", "shovelware" etc.), but the primary meaning is software which by design presents a threat to the user, such as computer viruses or spyware. Malware in general is more associated with extortion of money and fraud, but it can be used by anyone with the technical capability for any purpose.
Pre-installed malware
In August 2019, Google warned that tens of millions of Android smartphones come preloaded with malware, and that "if malware or security issues come as preinstalled apps, then the damage it can do is greater".[1] A related problem, the presence of malware in the firmware of smartphones, dates back to early 2014; it is a form of backdoor via hardware which cannot be deleted, or only with highly specialised equipment.[2][3]
After a vulnerability was found in the Lenovo Solution Centre, Lenovo left it unfixed, but changed the software's end-of-life date to make it seem less important.[4]
Hardware backdoors
- Full article: Backdoor
Backdoors into the hardware of consumer PCs are possible and even likely to be used on a wide scale by intelligence agencies, bypassing security monitoring on the level of the operating system.
Bad bios
Bad bios was a complex piece of malware that the IT security researcher Dragos Ruiu reported on in 2013.[5][6][7] According to his account back then, the malware could infect computers via USB, could gain persistence in the system without using the regular storage space, and communicated with other infected devices via inaudible sound.[8][9][10][11][12][13][14][15] All attack angles and "features" had at the time already been proven possible by security researchers; the reporting, however, was never followed up on and Ruiu made no further comment.[16]
Spyware
- Full article: Spyware
Spyware is created to exfiltrate users' data or facilitate surveillance of users. Its origins include criminal gangs, individuals, private companies[17] and intelligence agencies.
Viruses
- Full article: Computer virus
Computer viruses may go beyond spying to have a payload intended to destroy data and/or hardware (for example, Stuxnet, intended to damage the Iranian centrifuges used to refine uranium).
Installation
"AT&T employees took bribes to unlock millions of smartphones, and to install malware and unauthorized hardware".[18]
Examples
Page name | Description |
---|---|
Backdoor | A covert means of gaining unauthorised and/or unmonitored access to a computing system. |
Computer virus | |
Fysbis | A simple yet effective Linux Trojan. |
Pegasus (spyware) | Trojan/malware created by NSO group/Unit 8200, used worldwide. |
Ransomware | |
Spyware |
Related Quotation
Page | Quote | Author | Date |
---|---|---|---|
Backdoor | “Every year, we learn about some issue in WhatsApp that puts everything on their users' devices at risk. Which means it's almost certain that a new security flaw already exists there. Such issues are hardly incidental – they are planted backdoors. If one backdoor is discovered and has to be removed, another one is added” | Pavel Durov | 5 October 2022 |
Related Document
Title | Type | Publication date | Author(s) | Description |
---|---|---|---|---|
File:Operation-shady-rat.pdf | report | 2 August 2011 | Dmitri Alperovitch |
References
1. https://www.forbes.com/sites/zakdoffman/2019/08/10/google-warning-tens-of-millions-of-android-phones-come-preloaded-with-dangerous-malware/
2. https://securelist.com/caution-malware-pre-installed/59356/ (saved at Archive.org and Archive.is)
3. https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_EN.pdf (saved at Archive.org)
4. https://www.theregister.co.uk/2019/08/23/lenovo_solution_centre_cve_2019_6177/
5. https://arstechnica.com/information-technology/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
6. https://threatpost.com/dragos-ruiu-on-the-badbios-saga/102823/ (saved at Archive.org and Archive.is; archive of MP3)
7. http://archive.today/2019.08.29-062629/https://en.wikipedia.org/wiki/BadBIOS
8. https://blog.trendmicro.com/badbios-sometimes-bad-really-bad/
9. https://news.softpedia.com/news/BadBIOS-Malware-Reality-or-Hoax-396177.shtml
10. https://nakedsecurity.sophos.com/2013/11/01/the-badbios-virus-that-jumps-airgaps-and-takes-over-your-firmware-whats-the-story/
11. https://security.stackexchange.com/questions/44750/malware-that-can-survive-bios-re-flashing
12. https://www.techspot.com/news/54560-badbios-the-unstoppable-malware-that-infects-firmware-jumps-airgaps.html
13. https://blog.erratasec.com/2013/10/badbios-features-explained.html
14. https://securityaffairs.co/wordpress/20182/hacking/malware-inaudible-audio-signals.html
15. https://www.csoonline.com/article/2609678/nsa-s-backdoors-are-real----but-prove-nothing-about-badbios.html?page=2
16. https://web.archive.org/web/20161029014619/http://www.bleepingcomputer.com/forums/t/590983/how-do-i-know-the-bad-bios-exists-and-how-to-save-my-computer/
17. For example, eSurv which created the Exodus spyware
18. https://archive.fo/djFGd