The NSA have been using Hard Drive Firmware exploits for years. Such an attack could hide malware that also survives a format[0] (Which is why I brought up a drive replacement in my prev post). I wouldn't be surprised if the same can't be done with SSD Firmware too (we have already seen people do "bad things" with USB Memory sticks [1]).

Also if a full BIOS flash has been performed you might be SOL, as after a power cycle the modified BIOS is now the first thing loaded by your system (Or it might be the VBIOS, it's been a while.), which could prevent future flashing of the BIOS or fake the flashing process but not actually flash anything. If you have a board that can recovery flash you might be able to recover, but how do you trust the system afterwards? As the BIOS is usually stored on a SPI Flash you could use an external programmer to dump the content of the flash and do a diff on the firmware file.

You have to think about who is your attacker. Are the Kiddies going to go to such lengths to stay persistent on a consumer's laptop they use as a Facebook machine? Prob not. But is it outside the scope of a determined attacker (or nation state) who managed to get a first stage attack malware inside a large company? IMO it would depend on how valuable they determine access to your network / data is.

[0] https://www.theregister.co.uk/2015/02/17/kaspersky_labs_equa...

[1] https://www.youtube.com/watch?v=nuruzFqMgIw

EDIT: I've not spoken about VBIOS infections as the GPU Vendors on at least modern cards have been really locking down their GPUs and as far as I've seen, I've yet to see any credible claims of attacks on GPUs in the wild (They could be out there, I've just not come across any.). But such an attack would be scary as hell (imo) as it's a black box that has DMA access to the CPU (think like the Mac Thunderbolt attacks of old) and other devices on the PCI-e bus. It's one of the places I would be spending my time researching.
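
The dump-and-diff check mentioned in the comment above, as an added example that is not part of the original post: it compares a raw SPI flash dump against a reference firmware image and reports the byte ranges that differ. The function names, the merge gap and the sample bytes are hypothetical and constructed for illustration; it assumes both inputs are raw images meant to be the same size.

```python
import hashlib
import sys

def diff_regions(dump: bytes, reference: bytes, gap: int = 16):
    """Return (start, end) offsets, end exclusive, where the images differ.
    Differing bytes separated by fewer than `gap` equal bytes are merged."""
    regions, start, last = [], None, None
    for i in range(min(len(dump), len(reference))):
        if dump[i] == reference[i]:
            continue
        if start is None:
            start = i
        elif i - last > gap:
            regions.append((start, last + 1))
            start = i
        last = i
    if start is not None:
        regions.append((start, last + 1))
    return regions

def compare_images(dump: bytes, reference: bytes, gap: int = 16):
    """Summarise the comparison; a size mismatch is reported, not ignored."""
    return {
        "dump_sha256": hashlib.sha256(dump).hexdigest(),
        "reference_sha256": hashlib.sha256(reference).hexdigest(),
        "size_mismatch": len(dump) != len(reference),
        "regions": diff_regions(dump, reference, gap),
    }

def constructed_sample():
    """Constructed 4 KiB stand-ins for a reference image and a flash dump."""
    reference = bytes(range(256)) * 16
    dump = bytearray(reference)
    dump[0x100:0x104] = b"\xde\xad\xbe\xef"  # small patch
    dump[0x108] = 0xFF                        # close by, merged into the same region
    dump[0x800:0x810] = b"\xff" * 16          # second, separate region
    return bytes(dump), reference

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py dump.bin reference.bin
        with open(sys.argv[1], "rb") as f, open(sys.argv[2], "rb") as g:
            dump, reference = f.read(), g.read()
    else:
        dump, reference = constructed_sample()
    report = compare_images(dump, reference)
    print("size mismatch:", report["size_mismatch"])
    for start, end in report["regions"]:
        print(f"differs: 0x{start:06x}-0x{end - 1:06x} ({end - start} bytes)")
```

A reported region is a place to look, not proof of tampering: firmware settings stored on the same flash chip legitimately differ from a vendor image.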