MBR infections are becoming more and more often, I'm afraid, but only really came to light back in the days where TDSS ruled the forums. The tools are becoming very efficient at removing MBR infections though so an MBR infection isn't a thing of much concern to analysts any more. As far as I know, only Award BIOSs can be infected and I only know of one rootkit (in the wild, not proof of concept) capable of doing this, Mebromi:
Mebromi: the first BIOS rootkit in the wild | Webroot Threat Blog - Internet Security Threat Updates from Around the World
Fortunately, it doesn't have a privilege escalation exploit in it so the whole process relies on the victim escalating the dropper, which is unlikely
My Computer
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Build #1
- OS
- Windows 8.1 Pro x64
- CPU
- Intel i7 3770K @4.5GHz
- Motherboard
- ASUS P8Z77-V PRO
- Memory
- Corsair Vengeance 2x4GB DDR3 1600MHz Low Profile (White)
- Graphics Card(s)
- Gigabyte Radeon HD 7850 (2GB GDDR5)
- Sound Card
- Integrated on motherboard
- Monitor(s) Displays
- 23" LG LCD/LED IPS
- Screen Resolution
- 1920*1080
- Hard Drives
- Samsung EVO 128GB SSD
Seagate Barracuda 2GB 7200rpm
2x Seagate FreeAgent [500gb]
- PSU
- Corsair TX650W V2 (80+ Bronze)
- Case
- NZXT Phantom 410 White
- Cooling
- Corsair H100 Water Cooler
- Keyboard
- Microsoft Desktop 2000 Wireless Keyboard
- Mouse
- Microsoft Desktop 2000 Wireless Mouse
- Internet Speed
- 95 Mb/s Download 70 Mb/s Upload
- Antivirus
- MSE + MBAM Pro
- Browser
- Firefox
