A BIOS level malware attack was presented last month by Alfredo Ortega and Anibal Sacco from Core Security Technologies.
The attack does not take advantage of any system’s vulnerability, thus a system can be compromised silently. The most important fact is that the attack “survives” reboots, hard-disk wipes, or even re-installations of operating system.
Although the execution of the attack needs either root privileges or physical access to the machine, once the attack successfully executed, attacker gains complete control of the machine forever.
Source: ZDNet
