Security researchers at FireEye / Mandiant [say] "We identified the presence of a financially-motivated threat group that we track as FIN1, whose activity at the organisation dated back several years."
[...] "FIN1 used this malware to access the victim environment and steal cardholder data. The group, which may be located in Russia, is known for stealing data that is easily monetised from financial services organisations such as banks, credit unions, ATM operations, and financial transaction processing and financial business services companies."
[...] The malware's installation location also means it will persist even after re-installing the operating system, widely considered the most effective way to eradicate malware.
Can we all agree that updating firmware should require the movement of a physical jumper?
(Score: 2) by jmorris on Tuesday December 08 2015, @09:25PM
This is not a BIOS attack, so forget the jumper. It is just a Windows boot attack and a reference to a different MBR-based attack.
And you don't even need a jumper anyway, only to forbid BIOS updates after booting: limit it to the BIOS itself, where you have to boot into setup, pick "update BIOS" and have the file on a USB stick. Solves 99% of the problem. Better still would be if the industry could come together and establish a standard where EVERYTHING inside the case that makes use of upgradable firmware could gate access in a standard way. Then the BIOS could not only update itself but the attached drives and other bits as well. That would allow the BIOS/bootrom to throw the locks on the drives, network adapter, etc. right before loading and transferring control to the first stage boot code.
(Score: 2) by Urlax on Tuesday December 08 2015, @09:45PM
Isn't this how smartphones work?
Those can't be unlocked either.
There was a moment in time when the jailbraking process could be done from a website, due to browser bugs and privilege escalations.
(Score: 0) by Anonymous Coward on Tuesday December 08 2015, @10:19PM
the jailbraking process
The process of reducing the speed of your jail? Does it involve retro-jets?
(Score: 2) by VanessaE on Wednesday December 09 2015, @04:26PM
How do you get the updated BIOS image onto that stick without risking the file itself being compromised (e.g. some virus modifies the file at some point between downloading it and flashing it out)?
(Score: 2) by jmorris on Wednesday December 09 2015, @05:04PM
That is a pretty solved problem. RSA signatures are a commonplace solution.
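To make the last two comments concrete, here is an added example (not code from the article, from FireEye/Mandiant, or from any commenter) of the signed-firmware check jmorris is referring to, written in Go with only its standard library. The vendor signs a SHA-256 digest of the image with an RSA-PSS private key; the flasher, which in jmorris's design is the setup-menu updater inside the BIOS itself, recomputes the digest of whatever file it was handed and verifies the detached signature against the vendor public key already present in the running firmware. The firmware image is a constructed placeholder, and the one-byte change stands in for the "virus modifies the file" case VanessaE raises: whatever happens to the file on the way to the USB stick, an image that no longer matches its signature is refused. The function names and the 2048-bit key size are this example's own choices.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Constructed stand-in for a BIOS image. A real one is megabytes of
// vendor-built code, but the sign-then-verify flow is identical.
var constructedImage = bytes.Repeat([]byte("FWIMG-v1.07 "), 64)

// SignFirmware is the vendor-side build step: hash the image and sign the
// digest with the vendor's private key (RSA-PSS over SHA-256). The private
// key stays with the vendor; only the signature ships alongside the image.
func SignFirmware(priv *rsa.PrivateKey, image []byte) ([]byte, error) {
	digest := sha256.Sum256(image)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
}

// VerifyFirmware is the check the flasher must run before writing a single
// byte: recompute the digest of the file it was actually handed and verify
// the detached signature against the vendor public key baked into the
// currently running firmware. Any change made after signing fails here.
func VerifyFirmware(pub *rsa.PublicKey, image, sig []byte) error {
	digest := sha256.Sum256(image)
	if err := rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil); err != nil {
		return errors.New("firmware image rejected: signature does not verify")
	}
	return nil
}

// Flash models the only update path in the design discussed above, the
// setup-menu flasher: it refuses anything that does not verify and only
// then would write to the SPI flash (the write itself is elided here).
func Flash(pub *rsa.PublicKey, image, sig []byte) (bool, error) {
	if err := VerifyFirmware(pub, image, sig); err != nil {
		return false, err
	}
	// ... write image to flash here ...
	return true, nil
}

// Demo runs the whole flow offline: the vendor signs, a clean copy of the
// image is accepted, and a copy altered by one byte somewhere between the
// download and the USB stick is refused.
// Returns (cleanAccepted, tamperedAccepted, err).
func Demo() (bool, bool, error) {
	vendorKey, err := rsa.GenerateKey(rand.Reader, 2048) // example key size
	if err != nil {
		return false, false, err
	}
	sig, err := SignFirmware(vendorKey, constructedImage)
	if err != nil {
		return false, false, err
	}
	pub := &vendorKey.PublicKey // the part the shipped BIOS carries

	cleanOK, _ := Flash(pub, constructedImage, sig)

	tampered := append([]byte(nil), constructedImage...)
	tampered[len(tampered)/2] ^= 0x01 // simulated in-transit modification
	tamperedOK, _ := Flash(pub, tampered, sig)

	return cleanOK, tamperedOK, nil
}

func main() {
	clean, tampered, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("clean image accepted:    %v\n", clean)
	fmt.Printf("tampered image accepted: %v\n", tampered)
}
```

The caveat a practitioner wants stated: this only answers the question if the check runs in a component the attacker cannot already modify. Verifying in a Windows-side updater is pointless against malware that is already on the box, because the same malware can patch the checker or swap the key; the verifier and the embedded public key (or a hash of it) have to sit in the firmware's own write-protected region, which is exactly why the thread's suggestion to allow updates only from BIOS setup matters.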