Implementing and Detecting an ACPI BIOS Rootkit, presented at Black Hat Europe 2006

by John Heasman

Tags: Security Development

Summary: As rootkit detection tools become more sophisticated, the rootkit writer must strive to leave less of a footprint and inhabit areas that detection tools do not currently interrogate. One such area, the BIOS, has many associated difficulties in development and deployment but offers numerous benefits over ‘traditional’ rootkits, namely that it leaves no trace on disk and can survive reinstallations in order to infect new operating systems.