Pre-installed Computrace Software Could be Used to Hijack Computers: Kaspersky Lab

12 Feb 2014

SecurityWeek, By Brian Prince

Security researchers at Kaspersky Lab claim in a new report that the Computrace agent residing in the firmware of many popular laptop and desktop computers can be used as a springboard for attackers.

Made by Absolute Software, Computrace is marketed as a product that can help organizations track and secure their endpoints. The Computrace agent resides in the firmware of devices, making it difficult to remove.

According to Kaspersky Lab, Computrace uses many tricks popular among malicious software. For example, it uses anti-debugging and anti-reverse engineering techniques, injects memory into other processes and keeps configuration files encrypted. The network protocol used by the Computrace Small Agent provides basic features for remote code execution. The protocol does not require the use of any encryption or authentication of the remote server, opening up avenues of attack. Read more.