The recent media attention on rootkits has been focused on installed software, but according to some security professionals at the Black Hat Federal security conference, these kits could be installed on your motheboard's BIOS chip in the near future. Often running a programming language of their own, these chips store the basic command and control functions of the computer. In an article written by Robert Lemos of SecurityFocus, security researchers say that rootkits could take advantage of this language and are the "next logical step".
BIOS chips contain machine language which interprets hardware commands coming from the Operating System into instructions the CPU and other peripheral devices can use. Researchers theorize that with the proper tools someone could install their own malicious software that would be undetectable by the operating system. There have been viruses in the past, like the Chernobyl or CIH virus, which have tried to erase your BIOS information, but a rootkit would be the first time when someone has tried to actually have malicious piece of software reside on the chip.
How soon could a BIOS based rootkit come out? Greg Hoglund, editor of Rootkit.com and the guy who spilled the beans about the Warden monitoring program in World of Warcraft, told Lemos that it would be about a month before malware starts appearing. However, actually flashing the BIOS with a malicious rootkit could be difficult and John Heasman, a security consultant for Next-Generation Security Software, told Lemos that there are usually physical jumpers on the motherboard that prevent writing to the chips.
