It can be done; it isn't easy, but it can be done. In fact, there is malware that stores itself in the BIOS; simply "you have to put the code wherever you want".
Take a look at this article:
Recent research suggests that rootkit malware can be designed to infect the flash memory of the BIOS and "live" in the BIOS, thereby surviving the "clean install" so many of us recommend as the "ultimate" and often the best solution for infestations. A clean install wouldn't remedy the infection . . . it would just come back again from the BIOS unless the BIOS was also flashed with a clean copy. Which means users would have to keep a clean copy of the BIOS handy and also know how to flash it.
At this stage it's only been demonstrated in controlled environments by security researchers, but the malware writers can't be too far behind and some think malware bums may be ready to release something into the wild in the next few weeks.
Don't want to sound like the-sky-is-falling Chicken Little, but this is not good news! If the malware creators find a way of injecting it into the BIOS of an infected machine there would have to be a complete rethink on the way that users are advised, and that in itself will be no mean feat either. We may have to go back to geek school to learn how to deal with this kind of nastiness.
If the malware writers have the ability to affect a computer's flash memory with a rootkit, the BIOS would need to be configured to disable writing to flash memory. BIOS password?
It's always a steep learning curve and the hill just got steeper!
Security expert articles on this can be found here and here.
BIOS password issues are discussed on Tom's Hardware here.
This injection is true for systems that are "open" and I quote from one article:
"Of course, injecting code into the BIOS is no easy feat. It requires physical access to the machine or an exploit that hands an attacker unfettered root access"
Unfettered root access = ability to make changes to the bios, aka: Flash BIOS
Some mainboards have jumpers to protect against erroneous flashing.
Other mainboards have a BIOS setup option called "Flash Bios Protection", "Firmware Write Protect", "Bios Guardian" or "BIOS-ROM Flash-Protect".
Whether via jumper or BIOS setting, they are generally enabled to protect you, though it doesn't hurt to check for yourself to make sure.
Source: HowToGeek [Forum]
There is a rather interesting presentation from the BlackHat conference:
Implementing and Detecting an ACPI BIOS Rootkit. John Heasman [Link]