Malicious tool hides in hardware to open backdoors into computers
‘Rakshasa’ gives intruders secret remote access into systems.
A security researcher has demonstrated that software can be hidden inside computer hardware to open up a back door granting intruders persistent remote access via the Internet, Technology Review reports.
Jonathan Brossard, founder of French security firm Toucan System, showed that a malicious tool called Rakshasa, when installed into a computer BIOS chip -- the hardware that contains code a computer runs to boot up the operating system -- would allow a hacker to get into a system and take control of it. When a computer with Rakshasa installed is switched on, the software looks for an Internet connection to fetch code it needs to compromise the system, according to the report.
The code Rakshasa fetches disables security controls. As the computer's operating system is booted up, Rakshasa takes advantage of the privileges granted to execute tasks such as stealing of passwords and data.
Rakshasa, named after a Hindu demon, also takes advantage of other potentially vulnerable aspects of computer architecture, such as a network card, CD-ROM, or sound card, Forbes highlighted.
Brossard demonstrated the hack in a demo at the security conference Black Hat in Las Vegas in late July. He was able to get Rakshasa to override the password authentication of a computer with Windows 7 installed, Technology Review reported.