Security IT

Researchers Report Spike In Boot Time Malware

wiredmikey writes "In their most recent intelligence report, Symantec researchers pointed out a massive increase in the amount of boot time malware striking users, noting there have already been as many new boot time malware threats detected in the first seven months of 2011 as there were in the previous three years. Also known as MBR (master boot record) threats, the malware infects an area of the hard disk that makes it one of the first things to be read and executed when a computer is turned on. This enables the threats to effectively dodge many security defenses."
  • Re:BIOS password (Score:5, Interesting)

    by HermMunster ( 972336 ) on Wednesday August 24, 2011 @12:56PM (#37192990)

    Not correct. Most of the MBR infections seem to be on Win7 64bit.

    These programs set themselves up before anyone notices and we have little opportunity to react by modifying the BIOS from the default.

    These programs will also write a virtual file (system) that is encrypted and hence the malware can't scan it to find and remove the viruses.

    What they are also missing in their explanation of the increase is that these malware guys are doing far more than just modifying that portion of the drive. They will erase all your "all programs" folder contents and hide all your personal files and modify the registry and other permissions making it very difficult to recover from even when you discover they are there and try a removal procedure.

    What Symantec also didn't explain was that it takes a lot of work to rid the computer of these viruses and that the average antivirus tools are highly unsuccessful at the removal. None of the antivirus software tries to correct the problems created even if they can get rid of the virus. I know some anti-malware apps try to reset some registry keys to default, but that's not what I'm talking about.

    You can really screw things up unless you know what you are doing. Even Microsoft has thrown their arms up at times giving up with the directive that you should erase first in some cases because you just can't be sure you got rid of the malware.

    Of course this emboldens the malware authors because it tells them that they are headed in the right direction or are already successful. Hell, if you can get the biggest software company in the world to give up then you win.
