Hackers to Use Malicious Hardware Instead of Virus Programs

American scientists at the University of Illinois warned on April 30, 2008 that criminal hackers are preparing to utilize malicious hardware instead of the comparatively less dangerous computer viruses to steal the usual user information like passwords and credit card numbers from the computers of victims.

Computer viruses that are downloaded either from an e-mail attachment or while visiting a Website, are the reasons for most of the attacks on PCs. Hackers install them to compromise a computer to subsequently use it to download additional malicious software or to send out spam.

Although anti-virus software is present to scan the computer for viruses, hackers fight back by writing further new viruses with different codes, or plant the code in such a region of the operating software, where the AV solutions can't reach to detect the code. So, anti-virus companies and hackers are continually racing to stay ahead of each other. And, now it seems that hackers are getting even more skilled to beat this anti-malware software.

Samuel King, Assistant Professor, the University of Illinois, Urbana-Champaign along with his team has shown how anyone can snatch control of a system by adding harmful circuits to the computer's processor, as reported by Vnunet on May 1, 2008.

While carrying out the demonstration, King's team elucidated that they employed a processor known as FPGA (field programmable gate array) in which rearranged circuits could create a copy of an already present open source processor known as Leon3. While the original processor has around 1.7 Million circuits, when the boffins are created, they attach about 1,000 new malicious circuits to Leon3.

Such malevolent circuits are undetectable to anti-virus because they act on the PC at such a level where the anti-virus software can't reach.

The newly arranged circuits are able to bypass the security controls deployed on Leon3 in just the same way as a virus allows a hacker to gain control over a computer, without the need for a software vulnerability.

The scientists concluded that ones hackers are able to connect the FPGA to a computer, they could steal passwords or plant malicious software allowing them to have control over the OS.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 5/7/2008