Ask HN: My laptop has a bios level keylogger my security is at threat help
I have the following laptop - http://www8.hp.com/in/en/ad/ultrabooks/intel.html
I have been encountering suspicious activities and private data getting out.
It has been informed to me that,its either a bios level keylogger or a virus that catches your camera is creating trouble for me.
I searched the net, could not help myself. I formatted the laptop, scanned bios still things are not safe.
Please help!
21 comments
[ 3.2 ms ] story [ 50.9 ms ] threadWhat did you scan your bios with?
How did you format your laptop?
What system are you running? Windows 8 or 7?
How did you activate your windows OS?
What is the exact model number of your laptop?
answer as much as possible so I can help
and http://www.malwarebytes.org/
usb device.
win 8, i had a genuine iso file and keys.
Model - 41113TU Product - C7D86PA#ACJ
Scan with this tool called kaspersky anti rootkit TDSSKiller
http://support.kaspersky.com/us/5350#block1
If you find something delete it.
But just to be extra safe re flash your bios/ update it and then scan afterwards to see if anything pops up.
Had tried that TDSSKiller earlier.
http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?sof...
So having flashed the BIOS and upgrading it, should I be secure that there is no rootkit inside the machine?
Just ugh try not downloading random cracked programs and open up any spam emails.
Is it possible for me to monitor any communication that is going at BIOS level?
I am not aware of any easy way of monitoring BIOS level communications. If you are afraid that the BIOS has been compromised by a virus then I would suggest that you update the BIOS with an update from the vendor's web site. Even if it the same version that's installed.
If you are worried that the machine's vendor has somehow added spying routines into the BIOS, then for safety's sake don't use the machine for work, or for any secure info. Use it only play.
Please post some detailed analyiys of what's going on here. What data gets out? What type of suspicious activities?
- Have you tried package-capturing with wireshark on the internet connections your laptop makes?
- Are you sure that there's no other attack point in your network that could be more easily infected than a BIOS?
- Have you checked your phone for instance?
- Have you checked the Master Boot Record of your harddrive?
- Have you checked your router?
- Have you tried unhackme (rootkit scanner) ?
A BIOS is very device specific, which would mean that either somebody finds you very interesting on a level that's NSA-tech worthy, or China hackers just leveled up.
I have a hard time just believing this, and there's a ton of attack angles that would be much more efficient to bug someone.
Also. Since when was hacker news downgraded to a personal helpdesk?
I have a hard time just believing this, and there's a ton of attack angles that would be much more efficient to bug someone.
Also. Since when was hacker news downgraded to a personal helpdesk?