Google’s VirusTotal now picks out suspicious firmware
Google’s VirusTotal service has added a new tool that analyzes firmware, the low-level code that bridges a computer’s hardware and operating system at startup.
Advanced attackers, including the U.S. National Security Agency, have targeted firmware as a place to embed malware since it’s a great place to hide.
Since antivirus programs “are not scanning this layer, the compromise can fly under the radar,” wrote Francisco Santos, an IT security engineer with VirusTotal, in a blog post on Wednesday.
Also, malware hidden in firmware often can’t be easily erased and can survive reboots and fresh installs of an OS, Santos wrote.