Malware That Can Survive OS Reinstalls



    Last Updated: 07 Oct 2020 at 09:36

    Chinese hackers may be using malware that can survive Windows OS reinstalls to spy on computers.

    Security firm Kaspersky Lab uncovered the malware, which exploits a computer’s UEFI (Unified Extensible Firmware Interface) to continually persist on a Windows machine.

    Attacking the UEFI is pretty alarming because the software is used to boot up your computer and load the operating system. It also operates separately from your computer’s main hard drive, and usually resides in the motherboard’s SPI flash memory as firmware. As a result, any malicious process embedded in the UEFI can survive an operating system reinstall while evading traditional antivirus solutions. ..


    Read more: Suspected Chinese Hackers Unleash Malware That Can Survive OS Reinstalls
    Posted By: Grom0X
    07 Oct 2020


  1. Posts : 18,044
    Win 10 Pro 64-bit v1909 - Build 18363 Custom ISO Install
       #1

    Interesting and enlightening read!


  2. Posts : 23,256
    Win 10 Home ♦♦♦19045.4355 (x64) [22H2]
       #2

    Ah yes... the old BIOS (UEFI) infection trick. I would assume that flashing the BIOS would fix that, but who really knows.


  3. Posts : 11,247
    Windows / Linux : Arch Linux
       #3

    Hi there
    Some of this stuff is just sheer "Panic Features" or "Project Fear" again!!

    Most Chinese hackers aren't interested in "Mom and Pop" domestic computers -- scamming is infinitely more profitable and so are attacks against infrastructure and mega large corporations of countries and entities that the P.R.C deems to be unfriendly to its aims or interests -- the recent attack on the British Health service was a prime example of that sort of approach (mind you had they had computers at the time of say "The US war of independence - finished 1776" - then even those would make that Nation's (UK) health service computers look like things from the age of the dinosaur --

    Most BIOSes are strictly read-only and flashing them is usually done under control of a special boot-up program - not under OS control.

    I'm sure the latest updates to MS's Windows Defender will be on the case -- they can do these things far quicker than any 3rd party domestic / consumer grade Anti Virus package.

    100% Nothing to worry about folks if you regularly apply security updates.

    Cheers
    jimbo


  4. Posts : 1,560
    Windows 10 Home 20H2 64-bit
       #4

    Uh-oh. But I think this is mostly a concern for corporate environments and not much for regular home users.


  5. Posts : 23,256
    Win 10 Home ♦♦♦19045.4355 (x64) [22H2]
       #5

    Faith said:
    Uh-oh. But I think this is mostly a concern for corporate environments and not much for regular home users.


    I dunno. I have some seriously valuable stuff on my computer.
    Like the original Zelda rewritten for the PC.


  6. Posts : 1,560
    Windows 10 Home 20H2 64-bit
       #6

    Ghot said:
    I dunno. I have some seriously valuable stuff on my computer.
    Like the original Zelda rewritten for the PC.

    You shouldn't have written that. Now they're on to you!


  7. Posts : 11,247
    Windows / Linux : Arch Linux
       #7

    Faith said:
    You shouldn't have written that. Now they're on to you!

    Don't you have Backup!!!!

    Cheers
    jimbo


  8. Posts : 3,105
    W10 Pro + W10 Preview
       #8

    jimbo45 said:
    Don't you have Backup !!!!

    Cheers
    jimbo

    Is Backup going to help if you reinstall on same computer?....same motherboard....Short answer NO.

    This is assuming they can infect UEFI.


  9. Posts : 1,746
    Windows 10 Pro x64 22H2
       #9

    Ghot said:
    Ah yes... the old BIOS (UEFI) infection trick. I would assume that flashing the BIOS would fix that, but who really knows.

    Replacing motherboard removes this threat 100%
    The question is, are you ready to pay that price?


 

Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.
