Aurich Lawson / Thinkstock Five days after Ars chronicled a security researcher’s three-year odyssey investigating a mysterious piece of malware he dubbed badBIOS, some of his peers say they are still unable to reproduce his findings. “I am getting increasingly skeptical due to the lack of evidence,” fellow researcher Arrigo Triulzi told Ars after examining forensic data that Ruiu has turned over. “So either I am not as good as people say or there is really nothing.” As Ars reported last week, Ruiu said the malware first took hold of a MacBook Air of his three years ago and has since infected his laboratory computers running Windows, Linux, and BSD.

Even more intriguing are his claims the malware targets his computers’ low-level Basic Input/Output System (BIOS), Unified Extensible Firmware Interface (UEFI), or Extensible Firmware Interface (EFI) firmware, and allows infected machines to communicate even when they’re not connected over a network.     

Leave a Reply