Scientists Create Malicious Hardware


Urbana-Champaign (IL) - Are you concerned about spam and viruses? You ain’t seen nothing yet, believe researchers from the University of Illinois at Urbana-Champaign (UIUC): A next phase of more sophisticated viruses may not only exist in software, but may be deeply embedded in hardware, or what the scientists describe as "malicious circuits".

The good thing about all malware out there is that there are ways to protect your PC from an infection. Should your PC get infected, you can get rid of viruses, worms, Trojan horses and rootkits in a relatively comfortable way and hopefully without having to suffer too much damage. Hiding and finding malware has been a cat-and-mouse game between spammers/virus authors and security software companies for several years, and both sides have created an industry that is estimated to generate billions of dollars not only for malware detection products, but for spammers and virus authors as well.

Of course, this business only works if malware creators remain at least one step ahead of security firms. But if researchers from UIUC are right, then malware authors with enough resources could be setting a new stage for their game: Sam King, assistant professor in the department of Computer Science, and his colleagues said they were able to design "malicious circuits". According to a report published by the New Scientist, about 1000 malicious circuits were added to a 1.7-million open source FPGA called Leon3.

Imagine: Malware that is embedded in hardware by default is a dream come true for phishing threats, spammers who are trying to sell you mortgages and penis enlargers and virus authors trying to plant Trojan horses on your PC. But is that idea really feasible and effective? According to the researchers, yes. The project claims that it was able to exploit the "malicious" design to bypass not only the security controls in Leon3 and fly under the radar of anti-virus software, but to access passwords and other critical information on other computers when the FPGA was connected to them as well.

However, the threat of malicious hardware may not be quite as serious as this article makes it sound. To be effective, the hardware needs to be designed and then physically installed in a target system in the first place, which is certainly possible, but much more difficult than simply sneaking a piece of software through a website, email or download onto your PC. King told TG Daily that he was not aware of any existing hardware-based threat.

Still, we know that there are several professional spammers out there with enough resources to come up with harmful hardware. If they see a purpose in such a product and an opportunity for financial gain, it is just a matter of time until such products surface.

Malware targeting hardware, by the way, isn’t an entirely new idea. There have been several attempts to use software to capture or damage certain hardware on a computer. The most visible virus probably was CIH, which was released back in 1998. CIH impacted a PC at its most critical level by overwriting the BIOS with garbage code, which essentially rendered a PC useless since it was unable to boot up. In order to repair an infected system, the BIOS chip needed to be replaced - which meant that affected users ended up replacing the motherboard.

Wolfgang Gruener is Director, digital strategy and content experience at American Eagle, where he specializes in strategic data analysis, user behavior models and information architecture (IA), as well as content strategy and governance. He was also Managing Editor of the website TG Daily and contributor to sites including Tom's Guide and Tom's Hardware.

  • navvara
    Ah CIH...what fond memories do I have of that little virus. Back in high school I passed a Diablo 2 CD infected with CIH to pretty much everyone who wanted it. My computer's BIOS was protected against overwriting (praise dell) but a lot of my classmates weren't so lucky....Ah the happy times
  • Turas
    Not too often you see a "Praise Dell" comment.
  • If an FPGA could have circuit modifications on the fly, then this would be an issue, although you would have to have a software component to deliver the payload.