Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps

Although it is Halloween, this story is definitely not fiction. Security consultant Dragos Ruiu was working in his lab a few years ago when his freshly updated MacBook spontaneously updated its BIOS and rebooted. It was infected by what he calls “badBIOS” and it’s capable of attacking both Macs and PCs.

Although it’s not yet fully understood, it appears to travel via USB storage devices and may even be able to infect machines that have never seen a USB drive via an ability to use high-frequency transmissions passed between computer speakers and microphones to bridge airgaps. This is a capability that had been demonstrated in controlled conditions but until now had never been seen outside a lab.

Until this is fully understood and measures available to combat it, it’s probably a good idea to never plug a USB drive or memory stick into your machine that’s not yours. Though to be honest, that’s always a good idea.

[Update 11/12/2013] More reason to doubt this story, or at least some of it.

[Update 11/6/2013] It appears other researchers are having trouble duplicating Ruiu’s findings. Stay tuned folks, this is far from over.

Leave a Reply