The IT department at my college released an odd report of a strange virus that attaches itself to the BIOS and deletes critical system files before boot. Their exact words from the email:
"Dear IT Students,The IT department has released a report today that the campus network has been infected with a home-brew virus by a student over the course of the past two weeks. Do not connect to any routers or hubs, especially VPNs, until this matter is resolved. So far there have been reports of NT directories such as WINDOWS and the NTLDR missing from the systems. Virus scanners will NOT detect this virus! This is a BACKEND attachment.We would allow you guys to attempt to fix this problem had you the qualifications. If anyone can, however, feel free to assist us.Many thanks,Doc Holliman"Epic fail.
It's not an epic fail at all, there's very little a sysadmin can do to defend against a malicious attacker who knows the system well, they can just try and clear up the mess. A bios-level virus that spreads through the network, though? That's impressive. And downright scary.
windows back up disc anyone?
Apparently "BIOS-level virus" doesn't hint anything. It's seeded to the BIOS before the OS boot, so it executes raw data and has high-level access because it can call itself just like an OS. To those who have the misfortune of being infected with a BIOS-level virus there is nothing you can do to your hard disk that will get rid of it. That includes backing up. To get rid of it you'd have to change your jumper settings and flash your BIOS, then reinstall the BIOS firmware and rewrite your hard disk. Not fun. Not fun at all.
Now is a good time to get windows 7.
If you're flashing your bios and wiping your hard drive you may as well get SOMETHING out of it.
well, you can flash the bios but replace it without destroying your hard drive…some how… well I'm happy that I have two BIOSes so I won't have to worry about this crap.
aw, that sucks, and I didn't mean it wouldn't happen on Win7, but that now that you need a new operating system may as well get 7.