#Vault7: Intel Security releases new detection tools following WikiLeaks’ CIA revelations

 

In the wake of WikiLeaks’ revelation that the CIA has developed malware that allows it to take over computers, Intel Security, the world’s largest security technology firm, has released new toolkits that can detect rogue software.

 

 

The malware, a ‘rootkit’, is designed to gain access to parts of a computer that are normally off-limits, and it can hide the existence of other activities.

 

According to the leaked data, the CIA created Extensible Firmware Interface (EFI) rootkits to hack into Apple MacBooks. The malicious software can allegedly embed itself in a computer’s low-level firmware and run as the system is booting up. It is also coded to survive system updates and reinstallations, and can restore malware that gets removed.

 

In response to the WikiLeaks release, Intel Security’s Advanced Threat Research team has created a new module for its existing open-source CHIPSEC framework that can detect the rogue EFI rootkits. The module can run on Windows, Linux, and macOS.