{{Short description|BIOS-based computer malware}} '''BadBIOS''' is alleged malware described by network security researcher Dragos Ruiu in October 31, 2013<ref name=regbreaking>{{cite news|last1=Leyden|first1=John|title=Indestructible, badass rootkit BadBIOS: Is this tech world's Loch Ness Monster? VOTE NOW|url=https://www.theregister.co.uk/2013/11/01/breaking_badbios|accessdate=30 December 2014|date=1 Nov 2013}}</ref><ref name=arstech /> with the ability to communicate between instances of itself across air gaps using ultrasonic communication between a computer's speakers and microphone.<ref>{{cite news|last1=Grimes|first1=Roger A.|title=4 reasons BadBIOS isn't real|url=http://www.infoworld.com/article/2609622/security/4-reasons-badbios-isn-t-real.html|accessdate=30 December 2014|date=Nov 12, 2013}}</ref><ref name=arstech>{{cite news|last1=Goodin|first1=Dan|title=Meet "badBIOS," the mysterious Mac and PC malware that jumps airgaps|url=https://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/|accessdate=31 December 2014|date=31 Oct 2013}}</ref> To date, there have been no proven occurrences of this malware.

Ruiu says that the malware is able to infect the BIOS of computers running Windows, Mac OS X, BSD and Linux as well as spread infection over USB flash drives.<ref name=arstech /> Rob Graham of Errata Security produced a detailed analysis<ref>{{cite web|last1=Graham|first1=Robert|title=#badBIOS features explained|url=http://blog.erratasec.com/2013/10/badbios-features-explained.html|accessdate=30 December 2014}}</ref> of each element of the descriptions of BadBIOS's capabilities, describing the software as "plausible", whereas Paul Ducklin on the Sophos Naked Security blog<ref>{{cite web|last1=Ducklin|first1=Paul|title=The "BadBIOS" virus that jumps airgaps and takes over your firmware - what's the story?|date=November 2013|url=https://nakedsecurity.sophos.com/2013/11/01/the-badbios-virus-that-jumps-airgaps-and-takes-over-your-firmware-whats-the-story/|accessdate=30 December 2014|archive-date=31 December 2014|archive-url=https://web.archive.org/web/20141231010750/https://nakedsecurity.sophos.com/2013/11/01/the-badbios-virus-that-jumps-airgaps-and-takes-over-your-firmware-whats-the-story/|url-status=dead}}</ref> suggested "It's possible, of course, that this is an elaborate hoax".<ref name=regbreaking /> After Ruiu posted data dumps which supposedly demonstrated the existence of the virus, "all signs of maliciousness were found to be normal and expected data".<ref>{{cite web|last1=Grimes|first1=Roger A.|title=New NSA hack raises the specter of BadBIOS |date=3 March 2015|url=http://www.infoworld.com/article/2891692/security/does-the-final-nsa-hack-prove-badbios-was-real.html|accessdate=7 September 2015}}</ref>

In November 25, 2013 computer scientists Michael Hanspach and Michael Goetz released a paper to the ''Journal of Communication''<ref name=":JoC">{{Cite journal |last1=Hanspach |first1=Michael |last2=Goetz |first2=Michael |date=2013-11-25 |title=On Covert Acoustical Mesh Networks in Air |url=https://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf |url-status=live |journal=Journal of Communications |volume=8 |issue=11 |pages=758–767 |doi=10.12720/jcm.8.11.758-767 |archive-url=https://web.archive.org/web/20131203091554/https://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdf |archive-date=2013-12-03 |access-date=2025-10-29 |quote='''Abstract''' — Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system.<br>We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium.[...]}}</ref> demonstrating the possibility of an acoustic mesh networking at a slow 20 bits per second using a set of speakers and microphones for sonic communication in a fashion similar to BadBIOS's described abilities.<ref>{{cite news|last1=Leyden|first1=John|title=Hear that? It's the sound of BadBIOS wannabe chatting over air gaps|url=https://www.theregister.co.uk/2013/12/05/airgap_chatting_malware/|accessdate=30 December 2014|date=5 Dec 2013}}</ref>

== See also == * Air gap (networking) * Near sound data transfer * Van Eck phreaking

== References == {{Reflist}}

Category:Computer viruses

{{malware-stub}} Category:Malware