
First BIOS Rootkit Lurking in the Wild

A group of security researchers has recently found a new and quite complicated rootkit that targets computers’ BIOS (Basic Input/Output System).

The threat level of this newly discovered rootkit is such that not only is it tough to detect and remove, but the threat also persists even after the system's hard drive has been physically replaced.

Dubbed Mebromi, this new rootkit was first discovered by a Chinese security firm while it was victimising users in the wild. Other security firms have since managed to get a copy of the malware so that they can analyse it further.

According to Webroot, the malicious program consists of a BIOS rootkit, a kernel-mode rootkit, an MBR rootkit, a Trojan downloader and a PE file infector.

"Storing the malicious code inside the BIOS ROM could actually become more than just a problem for security software, given the fact that even if an antivirus detects and cleans the MBR infection, it will be restored at the next system startup," explained Webroot's Marco Giuliani, according to a report by Net Security.