Have USB flash drive with UEFI, "gapless" rootkit

nn67p@outlook.com (Beta member, 1 message, Belleville, IL)
Hello,

I apologize if this is in the wrong forum - if so, please move. But I thought this was a little more serious than "malware."

I am looking for a verifiable security firm - if not one of the larger ones, or advice on how to reach them.

I have a USB flash drive with a copy of what appears to be a "gapless" UEFI rootkit, i.e., "BadBIOS," that can use a number of exploits to make an end run around Windows 8 and Windows 10 app signing and various AV to install unsigned Windows drivers, sometime after which it takes over the I/O controller, intercepting commands to the disk, and infecting as much firmware as it can: video card, touchscreen, etc. And yes, it exploits the Intel vulnerability unveiled at Black Hat.

It appears to be gapless. After burning through many home PCs, and many exchanged ones, I exchanged yet again for a Dell Inspiron 23 'all-in-one' touchscreen model today (8/18/2015).

At this large national brick-and-mortar retailer, I was allowed to fortify it with the latest Dell patches to everything, including SATA and the Intel chipset (driver dated July 31). I installed a variety of anti-malware and saved various errors and Windows 8.1 event logs as I went.

Somewhere along the way, this rootkit (seems to have) jumped from my Apple 6 Plus in my pocket to said PC right there in the store. As stated above, it took over the I/O controller and UEFI, the touchscreen and video card firmware. It may be elsewhere.

I give in. I am an IT professional with 17 years of experience as a Windows Systems Admin (with emphasis on VMware) and have a pretty good grasp of the network side of things: switch config, firewalls, routers, TCP/IP routing, etc. I am more than willing to hand this over to the right individuals at a verifiable security firm in exchange for help, or if only to give the security community more information about what hit me.

This infected my system from a personal USB flash drive that I have been very careful with, but that had the rootkit added by individuals (I cannot go into specifics here) in which I held a trust. Nothing illegal, hacking or otherwise, just a trust. I am an average Windows Sysadmin who has had to ramp up very quickly on forensics, rootkits, etc.

Again, I have the USB drive and/or can provide a BIN image of the drive imaged with Recuva, or the delivery method of your choice.

I have collected everything I can think of to collect, and indeed have a number of infected systems and a top-end Linksys WRT router.

Anyone with advice on my statement above that is in bold, please contact me. I have set my forum profile to allow you to send me email directly.

This will all come out in time, and I'll leave it to infosec professionals to release that info as I, again, am not an infosec pro.

Thank you.
 
Not sure who you would contact myself.

This is the first I've heard of BadBIOS being actively used in the wild - are you sure it's that? I'd think it'd be more along the lines of BadUSB (source code is available on GitHub, in fact), which is used to infect flash drives at the controller/firmware level and spread payloads that way. You can see how it works here: https://github.com/adamcaudill/Psychson

As for recovering from it...not sure, other than possibly reflashing the controllers/firmware of each device to rewrite the firmware in its entirety.
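An added example, not code from the thread or from the Psychson project: the original poster offers a "BIN image of the drive" as the sample. A raw image of that kind covers only the drive's logical sectors, so it can be hashed and triaged before being handed to a vendor, but it does not contain the USB controller's firmware, which is what a Psychson-style BadUSB modification rewrites (that would need a controller-specific dump tool). The script below parses the MBR partition table of a raw image, flags an active partition and an EFI System Partition, records whether the boot-code region is non-zero, and produces SHA-256 hashes for the chain of custody. The sample image is constructed inline; `triage()` and `build_sample_image()` are names chosen for this example.

```python
import hashlib
import struct
import sys

SECTOR = 512
# MBR partition type codes a triager cares about (subset, by convention).
PARTITION_TYPES = {
    0x07: "NTFS/exFAT",
    0x0B: "FAT32 CHS",
    0x0C: "FAT32 LBA",
    0x83: "Linux",
    0xEE: "GPT protective",
    0xEF: "EFI System Partition",
}
ENTRY_FMT = "<B3sB3sII"  # status, CHS start, type, CHS end, LBA start, sector count


def build_sample_image() -> bytes:
    """Constructed sample image (not a real drive dump): an MBR with a
    bootable FAT32 partition and an EFI System Partition, plus 3 empty sectors."""
    def entry(status, ptype, lba, count):
        return struct.pack(ENTRY_FMT, status, b"\x00" * 3, ptype, b"\x00" * 3, lba, count)

    table = (entry(0x80, 0x0C, 2048, 1024000)
             + entry(0x00, 0xEF, 1026048, 204800)
             + bytes(32))  # two unused entries
    mbr = bytes(446) + table + b"\x55\xAA"  # zeroed boot code, table, signature
    return mbr + bytes(SECTOR * 3)


def parse_mbr(image: bytes) -> list:
    """Return the non-empty partition entries of the image's first sector."""
    if len(image) < SECTOR:
        raise ValueError("image shorter than one sector")
    mbr = image[:SECTOR]
    if mbr[510:512] != b"\x55\xAA":
        raise ValueError("missing 0x55AA boot signature; not an MBR")
    parts = []
    for i in range(4):
        off = 446 + 16 * i
        status, _, ptype, _, lba, count = struct.unpack(ENTRY_FMT, mbr[off:off + 16])
        if ptype == 0 and count == 0:
            continue  # empty slot
        end_byte = (lba + count) * SECTOR
        parts.append({
            "index": i,
            "bootable": status == 0x80,
            "type": ptype,
            "type_name": PARTITION_TYPES.get(ptype, "unknown 0x%02X" % ptype),
            "lba_start": lba,
            "sectors": count,
            # A partition that runs past the end of the image means the
            # capture is truncated, which matters before submitting it.
            "within_image": end_byte <= len(image),
        })
    return parts


def triage(image: bytes) -> dict:
    """Hashes plus partition-table facts worth recording alongside a sample."""
    parts = parse_mbr(image)
    return {
        "sha256_image": hashlib.sha256(image).hexdigest(),
        "sha256_mbr": hashlib.sha256(image[:SECTOR]).hexdigest(),
        "boot_code_nonzero": any(image[:446]),  # real boot code or implant stub present?
        "partitions": parts,
        "has_esp": any(p["type"] == 0xEF for p in parts),
        "active_count": sum(1 for p in parts if p["bootable"]),
    }


if __name__ == "__main__":
    # Usage: python triage.py [drive.bin]; with no argument the constructed sample is used.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_image()
    for key, value in triage(data).items():
        print(key, value)
```

Run it against the real BIN image to get the hashes to quote when submitting the sample; the partition and boot-code fields are a sanity check on the capture, not evidence about the controller, whose firmware this image cannot show.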
 
I'd chime in with more substance too, but this sounds a bit too hefty for someone with no real-world professional experience to touch. I do know there's plenty at AskNetsec, though.
 
Okay, I got in touch with Keith at Webroot. He said the easiest way to submit the sample is via their software's interface. You can download a trial copy and submit it that way. It will go directly to them. If they require additional information, they will contact you. Here's the link for you: AntiVirus Free Trial - Free Malware Scan | Webroot

I'm curious about the turnout on this. Keep me posted.
 