Hackers look to 'hardware viruses'

By

Criminal hackers are creating malicious hardware which experts warn will be much more difficult to detect than conventional software-based malware.


A team led by Samuel King, assistant professor at the University of Illinois, Urbana-Champaign, has demonstrated how to gain control of a computer by adding malicious circuits to its processor.

Such circuits are effectively invisible to antivirus and other security software because they interfere with the computer at a deeper level than a software-based virus or even a rootkit.

King's team explained to New Scientist that they used a processor called a field programmable gate array (FPGA), in which logic circuits can be rearranged to create a replica of an existing open source processor called Leon3.

The original processor contains around 1.7 million circuits, but the boffins added about 1,000 malicious circuits not present in Leon3.

The new circuits allowed them to bypass security controls on Leon3 in a similar way to which a virus hands control of a computer to a hacker, but without requiring a flaw in a software application.

When the scientists connected the FPGA to another computer, they were able to steal passwords and install malicious software that allowed the operating system to be controlled remotely.

"Once you have this mechanism in place, you can do whatever you want," King told New Scientist.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
hackershardwarelooksecuritytoviruses

Sponsored Whitepapers

Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Datacom + Microsoft Azure: Turn Ideas Into Impact in Just 4 Weeks
Protect APIs. Protect Your Business.
Protect APIs. Protect Your Business.
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
KnowBe4 Benchmark Report: Reducing Human Risk & Phishing Vulnerability in ANZ
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack
Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks
Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"
SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?