1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Researchers find insecure BIOS 'rootkit' pre-loaded in laptops

Discussion in 'News' started by UKDarkstar, Jul 31, 2009.

  1. UKDarkstar
    Honorary Member

    UKDarkstar Terabyte Poster


    Researchers find insecure BIOS 'rootkit' pre-loaded in laptops

    LAS VEGAS - A popular laptop theft-recovery service that ships on notebooks made by HP, Dell, Lenovo, Toshiba, Gateway, Asus and Panasonic is actually a dangerous BIOS rootkit that can be hijacked and controlled by malicious hackers.

    The service - called Computrace LoJack for Laptops - contains design vulnerabilities and a lack of strong authentication that can lead to “a complete and persistent compromise of an affected system,” according to Black Hat conference presentation by researchers Alfredo Ortega and Anibal Sacco from Core Security Technologies.

    Computrace LoJack for Laptops, which is is pre-installed on about 60 percent of all new laptops, is a software agent that lives in the BIOS and periodically calls home to a central authority for instructions in case a laptop is stolen. The call-home mechanism allows the central authority to instruct the BIOS agent to
    wipe all information as a security measure, or to track the whereabouts of
    the system.

    For it to be an effective theft-recover service, Ortega and Sacco explained that it has to be stealthy, must have complete control of the system and must be highly-persistent to survive a hard disk wipe or operating system reinstall.

    Full story : here
    Certifications: BA (Hons), MBCS, CITP, MInstLM, ITIL v3 Fdn, PTLLS, CELTA
    WIP: CMALT (about to submit), DTLLS (on hold until 2012)


    1. JK2447
      Very interesting mate, rep'd :D

      Could also be yet another way for big brother to trace our whereabouts :eek:

    Share This Page