CPU

The Ultimate Backdoor: Hackers Can Infect Your Processor

The exploit would allow hackers to take full control over the computer

By Bogdan Botezatu, Hardware Editor

16th of April 2008, 07:17 GMT

Adjust text size:

CPU attacks are not detectable using antivirus software

Software bugs and computer viruses were hackers' favorite means of taking over your computer. However, things could get a lot worse with the advent of a new threat, that aims directly at

computers' hardware components.

A group of researchers at the University of Illinois at Urbana-Champaign managed to hack into a computer processor, then gain full control over the infected system. Setting this kind of backdoor is not piece of cake, but once carried to completion, it won't be detectable neither by user, nor by antivirus software.

The researchers used a specially crafted, programmable microprocessor that runs on a Linux operating system. The microprocessor would inject malicious firmware into the main processor's memory, a type of code that allows a remote attacker to seize control over the entire computer. The altered firmware affects only a small portion of the processor's silicon (1,341 logic gates out of more than 1 million).

According to Samuel King, an assistant professor in the university's computer science department, this exploit is extremely efficient and works independently. "This is like the ultimate back door," said King. "There were no software bugs exploited."

The team yesterday demonstrated the attack using a LEON processor running the Linux operating system. The LEON design is somewhat similar to Sun's SPARC series of processors, that power a large number of servers worldwide, including the ones in the International Space Station.

The attacker only has to send a network packet to the target computer, that would trigger the firmware rewrite. Right after the rewrite is complete, the attacker can log on to the system. "From the software's perspective, the packet gets dropped� and yet I have full and complete access to this underlying system that I just compromised," King said.

This kind of attack is 100 percent efficient, but in order to succeed, hackers would have to install a malicious CPU onto the target computer, which is extremely difficult. "This is not a script kiddie attack," he continued. "It's going to require an entity with resources."

TAGS:

CPU | hacker | SPARC | malicious code

SEARCH THE NEWS ARCHIVE :

Today's News | Yesterday's News | News Archive

User opinions:

Comment #1 by: Dijit on 29 May 2008, 17:47 GMT

reply to this comment

it's iimpossible to do
to do a firmware re-write you have to be in SH
the lowest level of computers...
it goes like this.
BIOS>sh>DOS>windows(or)X

BIOS can't receive information.

sh is where you update firmware. but. it cannot receive packets
it does Firmware re-writes as allocated in the soft-boot section of your harddrive (just before you get the option to go into safe mode ect)

it can't read from anywhere else, unless you tell the BIOS to boot from there
you'd have to Intentionally get yourself infected and it's not exactly as simple as double clicking an icon on your desktiop

Share your opinion:

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| ENTER NEWS SITE \| ENGLISH BOARD \| ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved. Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use \| Update your software \| Archive

NEWS CATEGORIES:

CPU