Your PC or Laptop May Have a Backdoor Enabled by Default, Millions Do - Computerworld

August 14, 2014

Your PC or Laptop May Have a Backdoor Enabled by Default, Millions Do - Computerworld

Computerworld, By Darlene Storm

Did you grant permission for a LoJack-like software to establish secret communications and connect to a server each time you boot up your laptop or PC? That answer is probably not, but most PCs have the anti-theft softwareAbsolute Computrace embedded in their BIOS/UEFI. Although it’s legitimate software, it behaves a lot like malware, leaving a “backdoor” that could allow attackers to execute remote code. In fact, at Black Hat USA, researchers used Computrace vulnerabilities to remotely wipe a brand new out-of-the-box Windows 8 x64 laptop.

"Absolute Backdoor Revisted" was presented by Kaspersky Lab's Vitaly Kamluk and Sergey Belov, along with Anibal Sacco from Cubica Labs. During their presentation (pdf), they abused Computrace in multiple live demos to show how an attacker could take complete control of a PC. They are not certain if Computrace was enabled by default on most PCs by human error or unintentionally turned on by manufacturers, but they don’t believe it was introduced with malicious intentions. “Computrace was designed with good intentions, but our research shows that vulnerabilities in this software can turn a useful tool into a powerful weapon for cybercriminals.” Read more.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Your PC or Laptop May Have a Backdoor Enabled by Default, Millions Do - Computerworld

Your PC or Laptop May Have a Backdoor Enabled by Default, Millions Do - Computerworld

About Kaspersky

Related Articles Press Releases

Kaspersky Lab Joins Forces with Merchant Risk Council to Help Combat eCommerce Fraud

Kaspersky Lab North America Recognized on CRN’s 2018 Security 100 List

Kaspersky Lab North America Releases its Inaugural Corporate Social Responsibility Report

Kaspersky Lab Appeals U.S. Department of Homeland Security Debarment

Poor Security Practices put Cloud-Driven Business Growth and Cost Savings at Risk

Kaspersky Lab Story of the Year 2017: More Than One Quarter of Ransomware Attacks Target Businesses

Kaspersky Lab Survey: IT Security Experts Uncertain on How to Combat Targeted Attacks

Kaspersky Lab Creates Pop-Up Shop Experience Using New Currency to Showcase the Value of Personal Data

Kaspersky Lab Enters Endpoint Detection and Response Market with New Solution

Kaspersky Lab North America Champions National Cyber Security Awareness Month 2017