Blogs

Mysterious "unkillable" computer virus could be new kind of cyberweapon - or is it?

A researcher and his team have battled the infection for three years - and believe it spreads using sound, so it can infect machines nearby.

By Chris Hall | Yahoo News

Yahoo News - Is BadBIOS a new kind of weapon? (Rex)

Somewhere in a Russian computer lab lurks a computer virus so deadly, so indestructible that it can spread even when machines are disconnected from Wi-Fi - or power cables.

A researcher and his team have battled the infection for three years - and seen it infect Macs and PCs, and return even once machines have been wiped.

Dragos Ruiu calls it “BadBIOS”, and claims that it is “the tip of the warhead” - a new type of cyberweapon, which he believes spreads by sound.

It can infect PCs or Macs with equal ease.

British tech site The Register are a little more sceptical, describing it as The Loch Ness Monster of computer viruses.

“This "virus" is pure rumour and conjecture currently. No actual sample has been identified,” says Orla Cox of Symantec. “As a result Symantec is not in a position to comment right now.”

Its most terrifying power, according to Ruiu, is the ability to hurdle “air gaps” - a last ditch security measure where PCs are disconnected from any system that might lead to the internet.

Ruiu’s machines - even ones he had “cleaned” - acted as if they were connected to the internet, he says.

“How can the machine react and attack the software that we're using to attack it? This is an air-gapped machine and all of a sudden the search function stopped working,” he said, in an interview with Ars Technica.

Ruiu admits that BadBIOS sounds like “the stuff of urban legend” - but says he will reveal more in two weeks’ time.

On Twitter, he and fellow security researchers are analysing sounds from the lab, to see if the infected machines are somehow sending signals. He also supplied other researchers with forensic data - but has met with raised eyebrows.

"I am getting increasingly skeptical due to the lack of evidence," researcher Arrigo Triulzi told Ars Technica, who ran the original piece.

Research from the University of Birmingham at Alabama proved earlier this year that even low-powered PC speakers could send “messages” - short signals which could be used as a trigger in a cyber attack.

Whether this is enough to explain Ruiu’s three-year nightmare remains to be seen.

Ruiu says that his infection may be a warning - “the first stages of a larger attack.”

Sites such as Techworld speculate it could be something that accidentally escaped from a lab - or even perhaps, part of a cyberweapon designed by a nation state. Ruiu recently discovered that it could spread via infected USB memory sticks - a hint that it’s designed to attack industrial systems, with isolated computers.

This computer 'virus' scam will cost you big
lovemoney.com – Fri, Feb 8, 2013 15:52 GMT

My phone rings. It's a cheap internet call from India. But it's not a so-called “consumer survey”. Instead, it's “Alex Carter”. And he is serious – he works for an information technology support team.
He warns me my computer is full of harmful viruses and that the processor has “already almost stopped working.” Even worse, my “percentage error levels” have hit 85. And how does he know all this?
He's a “Microsoft Certified” engineer who has discovered these “facts” because he has scanned my machine via my wireless modem.
Knowing this to be a scam but pretending to be worried, I ask what to do. “I can provide free assistance. But I am a technician, not a magician so I don't know what my colleagues will offer.” As I had to catch a train, I told Alex to call back the next morning.
To my amazement, he did. He told me he worked for a firm called British IT Solutions which was the “only company in the UK helping Microsoft.” He was getting “very harmful internet reports” from my number. The computer was turned off.
“How do you know?” The reply came: “The computer is linked to the router, and the router is linked to the phone line.” This is, of course, a statement of fact and not an explanation.
“Some processors have already stopped working and the computer is sending signals to Microsoft Global Services of many errors,” he informed me.
I enquired how I could fix the problem as I knew “processor failures and viruses were very harmful”.
Assuring me that this was not a sales call, Alex told me to turn my computer on. I did not so I asked again about Microsoft. “The computer sends errors to Microsoft and it passes them on to us as we are part of a certified tech team. You don't need to pay a single penny and we'll show how to delete the errors, warnings, and other problems in my computer. It is my job to tell you about this.”

The lies get bigger

I then revealed that my computer does not run on Windows – it uses a variant of the Linux operating system called Ubuntu. He was confused for a second but not put off. Alex had been trained with a just about plausible, although false, line for those with Apple or other operating systems.

“Because you are running Linux, all internet companies are connected to the global server run by Microsoft which sends us error messages.”

Telling him my machine was working perfectly did not deter him either. “It may appear fine at the moment, but errors and warnings create a problem slowly, then come faster and when they multiply. After a few months your computer will crash and you will lose all your data.”

Scary stuff but a nasty cocktail of unmitigated rubbish and blatant lies.

I finally asked about the firm's website. He said it was part of RedHat.com.

Another outright and outrageous lie. Just as there is absolutely no link between this cold caller in India and Microsoft (whose website has a disclaimer), there is also no connection between the scam firm which phoned me and Red Hat, a US software support company which specialises in Linux applications. Red Hat, a US quoted company worth around $11billion, has told me that using its name in this way is not just confusing, it is criminal. There appears to be no trace of British IT Solutions.

What would have happened

Had I been a nervous person or a computer novice, it would have been all too easy to fall for this long running scam which has resurfaced after a quiet year or two. The perpetrators hope that the interval means we have forgotten the previous warnings.

And here's what would have happened. I would likely have been asked to download remote access software which would have allowed Alex's friends to control my machine from India. They would then have downloaded malware and then charged me up to £185 (plus £100 annual fee) to remove it.

Either way, it's big bucks for them and even if Alex only fooled one person a day, he will have earned his employers far more than he costs.

This call was simply computer garbage. The sooner these people are sent to prison the better – sadly vulnerable people fall for their nonsense every day.

No computer animation - Wonderful Walt Disney video

This movie was made after World War 2; the American Government was afraid that Brazil might be a Communistic country and asked Walt Disney to make a movie that could help to "be friends" with Brazil...no computer animation, because there were no computers in that time :-)

https://www.youtube.com/watch_popup?v=_mQHr8bAojU&vq=small