Can a Motherboard Contain Malware?

When one thinks of malware or spyware, you ordinarily think of some malicious code transmitted via an email file attachment or a web site that takes advantage of a browser exploit.

Did you know that malware can actually find a nice cozy home in firmware – even on a server? Believe it.

Dell recently has come under fire for providing replacement motherboards that did in fact contain malware in them, specifically in the embedded server management firmware. For PCs? No. For specific PowerEdge servers running Windows (non-Windows servers are not affected).

It should be noted that this is not a super-huge-wide problem, and that Dell responded very quickly (in just 90 minutes!) – but made sure to point out in a statement that the malware “..potentially manifests itself when a customer has a specific configuration and is not running current anti-virus software.”

Once again, it just goes to show that you should have anti-virus running and regularly updated – including on your server (even if just a regular PC acting as a home server).

Do you run a home server? What OS do you run on it, and what anti-virus do you use on it, if any? Let us know by writing a comment or two.

Like what you read?

If so, please join over 28,000 people who receive our exclusive weekly newsletter and computer tips, and get FREE COPIES of 5 eBooks we created, as our gift to you for subscribing. Just enter your name and email below:

http://fix-it-blog.com/ Monte
Greetings Rich,
If the firmware (BIOS) has malware embedded in the code then someone at DELL or their BIOS publishing house is the culprit.
Back in the 1980-1990's I would modify the BIOS drive tables for the larger drives that were coming out, it was cheaper to do that than to buy the upgrade for some BIOS (Phoenix, AMI, etc) or so my boss thought.
Considering that the BIOS code is a compiled binary format and written in machine code (hex) then the malware would also have to be machine code and there are very few people today that can code, complile, and debug machine code.
But yes it is possible for someone with the knowledge and tools to insert the code in a binary, the thing is the security at DELL and their BIOS publishing house has failed.
Some heads should roll at HR in both places.
I have two servers that run 24/7, they have AVG, Trojan Hunter, and Spy Doctor on them. (They are not Dell's either).
Now I wonder… Naw, don't have time to mess with it.

Dave
Still on my old IBM 200 MHz pentium 1 machine now running ubuntu-10.04 server here at home – been running more-or-less continuously since 2000 or thereabouts. I think the longest single stretch of uptime was 678 days or something like that (rebooted when we moved from one house to another). I found three of them for $50 each. I like having parity protected RAM. Even the old Samsung 40GB HDD is doing well, although a little cramped nowadays.
Just ran into pcmech.com when searching for a lightweight IMAP client (found sylpheed – thank you kindly for the pointer). Been practicing lightweight computing for some years (on an IBM 600X thinkpad that's now on it's 4th or 5th replacement battery)….
Thanks for the web site!